AgileApps Support Wiki

Difference between revisions of "Installing and Configuring Apache for Use with the Platform"

From AgileApps Support Wiki
imported>Aeric
m (Text replace - 'Category:System Administration' to 'Category:Installation')
 
imported>Aeric
 
(26 intermediate revisions by the same user not shown)
Line 1: Line 1:
=== Configuring Apache to serve static content from LongJump ===
<includeonly>=== Installing and Configuring Apache for Use with the Platform ===</includeonly>
 
Apache can be installed in front of the tomcat server to serve static content like gif and jpeg images, Javascript files and stylesheets more efficiently, leaving the Application Server free to process incoming requests. This section tells you how to configure Apache to serve the platform's static content.
LongJump content includes gif and jpeg images, CSS, and JavaScript files. Apache <tt>httpd</tt> serves such static content efficiently, leaving the Application Server free to process incoming requests. This section tells you how to configure Apache to serve LongJump's static content.
 
{{Note|LongJump versions the static content, so browsers use a locally cached copy, unless a later version is available.}}


==== Overview ====
==== Overview ====


With this arrangement, Apache will be in front of Tomcat. Any request that comes to LongJump will first go to Apache. Apache will determine if the request is a valid LongJump request and, if so, will forward the request to Tomcat to process the request.
With this arrangement, Apache will be in front of Tomcat. Any request that comes to the platform first goes to Apache. Apache determines if the request is a valid request and, if so, will forward the request to Tomcat for processing.


Since Apache will be in front of Tomcat, it needs to be configured to listen on port 80 and port 443 for http and https traffic respectively. Apache also needs to be configured to forward traffic coming on these ports which is meant for LongJump to the port on which Tomcat is listening.
Since Apache will be in front of Tomcat, it needs to be configured to listen on port 80 and port 443 for http and https traffic respectively. Apache also needs to be configured to forward traffic coming on those ports to the port on which Tomcat is listening.


==== Requirements====
==== Requirements====
:
The following Apache modules must be enabled when installing Apache. They can be compiled as a static binary into apache or loaded as dynamic modules.
:* LongJump Application Server set up.
:* mod_proxy
:* Apache Server compiled using the following modules:
:* mod_proxy_connect
::<tt>mod_proxy
:* mod_proxy_http
::mod_ssl
:* mod_ssl  
::mod_expires
:* mod_expires  
::mod_headers</tt>
:* mod_headers  


==== Configuration Process====
==== Configuration Process====


In outline, the process looks like this:
In outline, the process looks like this:
#Configure Apache to serve static content.
#Configure Tomcat Connectors.
#Configure Apache Virtual host.
#Configure Apache Virtual host.
#Start Apache, Tomcat and <tt>memcached</tt>.
#Start Apache, Tomcat and <tt>memcached</tt>.


==== Configure Apache to Serve Static Content ====
{{Important|Ensure that all database servers and web servers are configured to be in the same timezone, regardless of where they are geographically located.}}
These steps are optional. Do them if you intend to let Apache serve up static files. (That configuration is recommended, but not required.)


#Download LongJump installation file from FTP which will be of the form <tt>longjump_app_server-v7.x.x.x.gz</tt>
#Untar the archive.<br/>The <tt>longjump_app_server</tt> folder is created, containing the [[Installation Files]].
#In <tt>longjump_app_server/</tt>, go to <tt>static_contents/</tt>
#Move <tt>static-networking.tar.gz</tt>, to the Apache web server's <tt>documentroot</tt> folder.
#Go to Apache’s <tt>documentroot</tt> folder
#Untar <tt>static-networking.tar.gz</tt><br/>The <tt>networking</tt> folder is created, with a file hierarchy set up for static content:<br/><tt>Charts/</tt><br/><tt>ckeditor/</tt><br/><tt>flash/</tt><br/><tt>graphics/</tt><br/><tt>images/</tt><br/><tt>js/</tt><br/><tt>style/</tt><br/><tt>wait.html</tt>
==== Configure Tomcat Connectors ====
# In <tt>longjump_installation/tomcat/conf/</tt>, edit <tt>server.xml</tt>
# Remove connectors pointing to ports 80 and 443.
# Add a connector for traffic forwarded from Apache, as shown here:
::{|
<pre><Connector
  port="8006"  maxThreads="450" 
  minSpareThreads="25"  maxSpareThreads="75"
  debug="0"  enableLookups="false" 
  acceptCount="450"  connectionTimeout="30000" 
  disableUploadTimeout="true"  scheme="https"  proxyPort="443"
  useIPVhosts="true"  URIEncoding="UTF-8" 
  maxHttpHeaderSize="8192"
/></pre>
|}
Notes:
:* The LongJump standard is to use port 8006. That value is assumed in the remainder of this section. (It can be changed, if desired.)
:* The next step will be to configure Apache so that incoming HTTP and HTTPS traffic on ports 80 and 443 will be forwarded to port 8006, where Tomcat will be listening.


==== Configure Apache Virtual Hosts ====
==== Configure Apache Virtual Hosts ====
Line 66: Line 32:
::- One in <tt>httpd-ssl.conf</tt> for Apache to listen on port 443 for HTTPS traffic.
::- One in <tt>httpd-ssl.conf</tt> for Apache to listen on port 443 for HTTPS traffic.


::Any traffic meant for LongJump coming on these ports will be forwarded to Tomcat. This request forwarding  is achieved using the mod_proxy module.
::Any traffic meant for the platform coming on these ports is forwarded to Tomcat. This request forwarding  is achieved using the mod_proxy module.


::The <tt>httpd.conf</tt> and <tt>httpd-ssl.conf</tt> configuration files can be found in the $APACHE_HOME directory. For each virtual host entry, make sure the following are set appropriately:
::The <tt>httpd.conf</tt> and <tt>httpd-ssl.conf</tt> configuration files can be found in the $APACHE_HOME directory. For each virtual host entry, make sure the following are set appropriately:
Line 79: Line 45:
::''httpd-ssl.conf'':
::''httpd-ssl.conf'':
::{|
::{|
<pre>SSLCertificateFile "longjump_installation/tomcat/conf/RN/<yourdomain>.cer"
<pre>SSLCertificateFile "{install_dir}/tomcat/conf/RN/<yourdomain>.cer"
:::SSLCertificateKeyFile "longjump_installation/tomcat/conf/RN/<yourdomain>_private_key"</pre>
SSLCertificateKeyFile "{install_dir}/tomcat/conf/RN/<yourdomain>_private_key"</pre>
|}
:;3. Enable secure communications:
::Set up a secure communications channel between Apache and Tomcat. The URLs for the Proxy are then https://, rather than http://, and all traffic is encrypted.
::{|
<pre>SSLProxyEngine on
</pre>
<pre>ProxyPreserveHost On </pre>
|}
|}
:;3. Configure Proxy Paths in Apache:
:;4. Configure Proxy Paths in Apache:
::Proxy paths need to be configured to enable mod_proxy to recognize the request and forward it to Tomcat appropriately.
::Proxy paths need to be configured to enable mod_proxy to recognize the request and forward it to Tomcat appropriately as shown in the following examples:


::For example:
::{|
::{|
<pre><nowiki>ProxyPass /networking/* http://tomcat-host-name:8006/networking/*
<pre><nowiki>ProxyPass /networking/* https://tomcat-host-name:8284/networking/*
ProxyPassReverse /networking/* http://tomcat-host-name:8006/networking/*</nowiki></pre>
ProxyPassReverse /networking/* https://tomcat-host-name:8284/networking/*</nowiki></pre>
|}
::{|
<pre><nowiki>ProxyPass /networking/* http://tomcat-host-name:8283/networking/*
ProxyPassReverse /networking/* http://tomcat-host-name:8283/networking/*</nowiki></pre>
|}
 
For ace-lib components, make the updates as per the following examples:
::{|
<pre><nowiki>ProxyPass /ace-lib/* https://tomcat-host-name:8284/ace-lib/*
ProxyPassReverse /ace-lib/* https://tomcat-host-name:8284/ace-lib/*</nowiki></pre>
|}
::{|
<pre><nowiki>ProxyPass /ace-lib/* http://tomcat-host-name:8283/ace-lib/*
ProxyPassReverse /ace-lib/* http://tomcat-host-name:8283/ace-lib/*</nowiki></pre>
|}
|}
::''Note'': These instructions assume that Tomcat and Apache are running on the same server. If they are running on different servers, change the settings appropriately.
::''Note'': These instructions assume that Tomcat and Apache are running on the same server. If they are running on different servers, change the settings appropriately.


:;4.Configure virtual hosts: For each virtual host in <tt>httpd.conf</tt> and <tt>httpd-ssl.conf</tt> for ports 80 and 443, copy the settings in [{{DOCHOST}}/files/proxy_paths.txt proxy_paths.txt], changing the standard port assignment of 8006, if needed.
:;5.Configure virtual hosts: For each virtual host in <tt>httpd.conf</tt> and <tt>httpd-ssl.conf</tt> for ports 80 and 443, copy the settings from <tt>{install_dir}/httpd-proxy.conf</tt>, changing the standard port assignment of 8283 and 8284, if needed.
 
For more information on changing ports, see [[Controlling Port Access]].


In case, you are trying to access AgileApps server without an Apache server and if you use any port number other than 80 and 443, you have to access the AgileApps URLs along with the port numbers. For example: https://{hostname}:8284/networking/servicedesk/index.jsp


[[Category:Installation]]
[[Category:Installation]]
</noinclude>

Latest revision as of 07:27, 29 May 2020

Apache can be installed in front of the tomcat server to serve static content like gif and jpeg images, Javascript files and stylesheets more efficiently, leaving the Application Server free to process incoming requests. This section tells you how to configure Apache to serve the platform's static content.

Overview

With this arrangement, Apache will be in front of Tomcat. Any request that comes to the platform first goes to Apache. Apache determines if the request is a valid request and, if so, will forward the request to Tomcat for processing.

Since Apache will be in front of Tomcat, it needs to be configured to listen on port 80 and port 443 for http and https traffic respectively. Apache also needs to be configured to forward traffic coming on those ports to the port on which Tomcat is listening.

Requirements

The following Apache modules must be enabled when installing Apache. They can be compiled as a static binary into apache or loaded as dynamic modules.

  • mod_proxy
  • mod_proxy_connect
  • mod_proxy_http
  • mod_ssl
  • mod_expires
  • mod_headers

Configuration Process

In outline, the process looks like this:

  1. Configure Apache Virtual host.
  2. Start Apache, Tomcat and memcached.

Warn.png

Important: Ensure that all database servers and web servers are configured to be in the same timezone, regardless of where they are geographically located.


Configure Apache Virtual Hosts

1. Add two virtual host entries
- One in httpd.conf for Apache to listen on port 80 for HTTP traffic.
- One in httpd-ssl.conf for Apache to listen on port 443 for HTTPS traffic.
Any traffic meant for the platform coming on these ports is forwarded to Tomcat. This request forwarding is achieved using the mod_proxy module.
The httpd.conf and httpd-ssl.conf configuration files can be found in the $APACHE_HOME directory. For each virtual host entry, make sure the following are set appropriately:
ServerAdmin root@localhost
DocumentRoot "/usr/local/apache/htdocs/"
ServerName example.com
ServerAlias www.example.com
2. Configure certificates for SSL virtual host on port 443
Make sure the following points to your certificate and private key.
httpd-ssl.conf:
SSLCertificateFile "{install_dir}/tomcat/conf/RN/<yourdomain>.cer"
SSLCertificateKeyFile "{install_dir}/tomcat/conf/RN/<yourdomain>_private_key"
3. Enable secure communications
Set up a secure communications channel between Apache and Tomcat. The URLs for the Proxy are then https://, rather than http://, and all traffic is encrypted.
SSLProxyEngine on

ProxyPreserveHost On
4. Configure Proxy Paths in Apache
Proxy paths need to be configured to enable mod_proxy to recognize the request and forward it to Tomcat appropriately as shown in the following examples:
ProxyPass /networking/* https://tomcat-host-name:8284/networking/*
ProxyPassReverse /networking/* https://tomcat-host-name:8284/networking/*
ProxyPass /networking/* http://tomcat-host-name:8283/networking/*
ProxyPassReverse /networking/* http://tomcat-host-name:8283/networking/*

For ace-lib components, make the updates as per the following examples: 

ProxyPass /ace-lib/* https://tomcat-host-name:8284/ace-lib/*
ProxyPassReverse /ace-lib/* https://tomcat-host-name:8284/ace-lib/*
ProxyPass /ace-lib/* http://tomcat-host-name:8283/ace-lib/*
ProxyPassReverse /ace-lib/* http://tomcat-host-name:8283/ace-lib/*
Note: These instructions assume that Tomcat and Apache are running on the same server. If they are running on different servers, change the settings appropriately.
5.Configure virtual hosts
For each virtual host in httpd.conf and httpd-ssl.conf for ports 80 and 443, copy the settings from {install_dir}/httpd-proxy.conf, changing the standard port assignment of 8283 and 8284, if needed.

For more information on changing ports, see Controlling Port Access.

In case, you are trying to access AgileApps server without an Apache server and if you use any port number other than 80 and 443, you have to access the AgileApps URLs along with the port numbers. For example: https://{hostname}:8284/networking/servicedesk/index.jsp

Retrieved from "https://agileappscloud.info/aawiki-src/index.php?title=Installing_and_Configuring_Apache_for_Use_with_the_Platform&oldid=10967"