This solution is based on mod_proxy and AJP connector.
Apache web server config
You have to configure mod_proxy in apache httpd.I added the following conf file in conf.d directory:
<VirtualHost 172.22.215.219:80> Servername sisifo.domain1 RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L] LogLevel info ErrorLog /var/log/httpd/sisifo.domain1_error_log CustomLog /var/log/httpd/sisifo.domain1_access_log combined </VirtualHost> <VirtualHost 172.22.215.219:443> Servername sisifo.domain1 SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificateFile /etc/pki/tls/certs/localhost.crt #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt #SSLCACertificatePath /etc/httpd/certs/ca <Location "/"> Order Deny,Allow Deny from all Allow from all #Allow from 10.224.0.0/12 </Location> ########## ProxyRequests Off ProxyPassMatch ^/(.*)$ balancer://tomcat_cluster/$1$2 stickysession=JSESSIONID|jsessionid <Proxy balancer://tomcat_cluster> BalancerMember ajp://[TOMCAT1]:8009 loadfactor=1 route=jvmTomcat1 ping=1 BalancerMember ajp://[TOMCAT2]:8009 loadfactor=1 route=jvmTomcat2 ping=1 ProxySet lbmethod=byrequests ProxySet nofailover=off ProxySet timeout=300 </Proxy> ########## LogLevel info ErrorLog /var/log/httpd/sisifo.domain1_ssl_error_log CustomLog /var/log/httpd/sisifo.domain1_ssl_access_log combined </VirtualHost>
Tomcat config
You have to edit $TOMCAT_HOM/config/server.xml of each tomcat instance and set an unique value for jvmRoute attribute. This attribute is in Engine tag.
<Engine defaultHost="localhost" name="Catalina" jvmRoute="jvmTomcat1">
No hay comentarios:
Publicar un comentario