Apache Virtual Host Configuration on Cluster Nodes


If your node(s) only need to serve a single web host address (one DNS registered host name), you would be done at this point with your changes to the httpd.conf file. However, you will most likely need to configure each cluster node as a web server able to offer several different addresses or web host names. Apache lets you do so using either IP-based or name-based virtual hosts.

Apache IP-Based Virtual Hosts

Older web browsers (Netscape version 1.1 or early releases of Internet Explorer) that do not know how to send requests with the web host name embedded (HTTP version 1.0) and HTTPS requests (even when sent from new web browsers) require IP-based virtual hosts.[2]

The Apache web servers running on the real servers inside the cluster can serve several IP-based web hosts from a single real server using IP-based VirtualHost containers in the Apache configuration file. Each VIP address the cluster offers to client computers will have one VirtualHost container associated with it that looks like this:

 <VirtualHost 209.100.100.3:80 10.1.1.2:80>     #     #      209.100.100.3 is the VIP address known to   client computers     #      10.1.1.2 is the RIP address on LVS-NAT cluster node 1     #       ServerName www.yourdomain.com       ServerAdmin yourname@yourdomain.com     DocumentRoot /www/htdocs     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> 

In this example, both the VIP and the RIP addresses are placed on the VirtualHost line so we can use the same httpd.conf file on both the real server and the Director.

When you add another cluster node, add it to the VirtualHost directive, as shown in the following example:

 <VirtualHost 209.100.100.3:80 10.1.1.2:80 10.1.1.3:80>     #     #      209.100.100.3 is the VIP address known to client computers     #      10.1.1.2 is the RIP address on LVS-NAT cluster node 1     #      10.1.1.3 is the RIP address on LVS-NAT cluster node 2     ServerName www.yourdomain.com     ServerAdmin yourname@yourdomain.com     DocumentRoot /www/htdocs     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> 

The format of the VirtualHost container is:

 <VirtualHost   VIP:Port   Virtual RIP1-1:Port   Virtual RIP2-1:Port  ... >     Options that will override the general server options. </VirtualHost> 

Adding all of the cluster node RIP addresses to the VirtualHost directive allows you to use the same Apache configuration file on all cluster nodes instead of forcing you to maintain separate configuration files on each cluster node.

Note 

In an LVS-DR cluster, you can leave out the RIP addresses and only use the VIP addresses because the real servers receive the HTTP packets from the Director on a VIP address.

Name-Based Virtual Hosts

All web browsers now know how to send a web host name embedded in the HTTP request. This allows you to conserve IP addresses and specify several different web host names (or CNAMES in DNS) for a single VIP address. When the Apache[3] web server receives a request for a name-based virtual host, it needs to know which virtual host container in the httpd.conf file to use.

Apache decides which container to use for name-based virtual hosts by matching the IP address used in the HTTP request with a VirtualHost container and then looking inside this container at the ServerName directive. If the ServerName directive is equal to the web host name embedded in the client computer's HTTP request, Apache knows it has found the correct container.[4]

For example, if you had registered both www1.yourdomain.com and www2.yourdomain.com to IP address 209.100.100.3 using DNS, you could create httpd.conf entries that looked like this:

 # Enable Name-based virtual hosts on all IP addresses. NameVirtualHost * # First name-based virtual web: www1.yourdomain.com <VirtualHost *>     ServerAdmin yourname@yourdomain.com     UseCanonicalName off     DocumentRoot /www/ww1/htdocs     ServerName www1.yourdomain.com     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> # Second name-based virtual web: www2.yourdomain.com <VirtualHost *>     ServerAdmin yourname@yourdomain.com     UseCanonicalName off     DocumentRoot /www/www2/htdocs     ServerName www2.yourdomain.com     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> 

Note 

First-generation web browsers that do not send a web host name embedded in their HTTP request will be sent, by default, to the first virtual host container defined. (See the workaround to overcome this problem using the ServerPath directive on the Apache website.)

Notice that we have enabled named-based virtual hosts by adding the NameVirtualHost directive (before the VirtualHost containers).

You cannot use name-based virtual hosts on a web server that will use the SSL protocol (to provide a secure page to enter credit card information, for example). The encrypted SSL secure transport must be established prior to the HTTP connection (prior to the HTTP GET request that tells Apache which virtual host name the client computer is trying to access). One workaround to this problem is to specify the IP address that is shared by the virtual hosts along with HTTP port 80 in the NameVirtualHost directive and in each virtual host container, as shown in the following example:

 # Enable Name-based virtual hosts for one IP address NameVirtualHost 209.100.100.3:80 # First name-based virtual web: www1.yourdomain.com <VirtualHost 209.100.100.3:80>     ServerAdmin yourname@yourdomain.com     UseCanonicalName off     DocumentRoot /www/ww1/htdocs     ServerName www1.yourdomain.com     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> # Second name-based virtual web: www2.yourdomain.com <VirtualHost 209.100.100.3:80>     ServerAdmin yourname@yourdomain.com     UseCanonicalName off     DocumentRoot /www/www2/htdocs     ServerName www2.yourdomain.com     ErrorLog /var/log/httpd/error_log     TransferLog /var/log/httpd/access_log </VirtualHost> 

Using this configuration will allow you to acquire a security certificate for your IP address (209.100.100.3, in this example) and use the SSL features of Apache to provide for secure and encrypted communication. Describing how to use SSL with Apache is outside the scope of this book.

[2]IP-based virtual hosts are also required for the Microsoft FrontPage extensions at the time of this writing.

[3]Name-based virtual hosting was introduced in Apache version 1.3; for the NameVirtualHost directive to accept the wildcard character * (discussed in a moment), Apache version 1.3.13 or higher is required.

[4]Apache will also match the IP address in the HTTP request against the NameVirtualHost directive if you use an IP address instead of the wildcard character * in the NameVirtualHost directive. If you do this, however, you will need multiple NameVirtualServer directives (one for each IP address) outside of the VirtualHost containers.



The Linux Enterprise Cluster. Build a Highly Available Cluster with Commodity Hardware and Free Software
Linux Enterprise Cluster: Build a Highly Available Cluster with Commodity Hardware and Free Software
ISBN: 1593270364
EAN: 2147483647
Year: 2003
Pages: 219
Authors: Karl Kopper

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net