通过Apache主机到docker容器的代理请求

时间:2017-05-18 18:32:02

标签: apache docker geoserver proxypass

我有一台运行Apache Web服务器的Ubuntu服务器主机。在这个主机上运行的是一个docker容器,为Geoserver(通过Tomcat构建)(使用此image构建)提供端口配置,如下所示:0.0.0.0:32770-> 8080 / tcp

我可以使用http://my.domain:32770/geoserver来轻松访问Geoserver 我在主机上的Apache中配置了一个重定向,用于通过HTTPS提供所有请求(请参阅下面的代码片段),这与请求中的端口不能很好地协调(即https://my.domain:32770/geoserver

<VirtualHost *:80>
        # sending http requests to https
        ServerName data.nrri.umn.edu
        Redirect permanent / https://data.nrri.umn.edu/
</VirtualHost>

我尝试解决此问题的方法是在Apache配置文件中使用ProxyPass指令:

ProxyRequests Off
ProxyPreserveHost On

ProxyPass /my-geoserver http://127.0.0.1:32770/geoserver
ProxyPassReverse /my-geoserver http://127.0.0.1:32770/geoserver

当我使用我期望的URL时,会让我进入Geoserver主页,就像上面的那样(即http://my.domain/my-geoserver)我被重定向到 https://my.domain/geoserver/index.html并提交404 Not Found 我还要注意,http://my.domain:32770/geoserverhttp://my.domain:32770/geoserver/index.html都解析为http://my.domain:32770/geoserver/web/

我在这里做错了什么?

修改curl -L -v -o /dev/null data.nrri.umn.edu/nra-geoserver

的输出 
* Hostname was NOT found in DNS cache
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 131.212.123.7...
* Connected to data.nrri.umn.edu (131.212.123.7) port 80 (#0)
> GET /nra-geoserver HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1
< Location: /geoserver/index.html
< Content-Length: 0
< Set-Cookie: JSESSIONID=DFECFFB91353A34C407488EAAF70A2B4; Path=/geoserver; HttpOnly
<
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #0 to host data.nrri.umn.edu left intact
* Issue another request to this URL: 'HTTP://data.nrri.umn.edu/geoserver/index.html'
* Found bundle for host data.nrri.umn.edu: 0x95b8c0
* Re-using existing connection! (#0) with host data.nrri.umn.edu
* Connected to data.nrri.umn.edu (131.212.123.7) port 80 (#0)
> GET /geoserver/index.html HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache/2.4.7 (Ubuntu) is not blacklisted
< Server: Apache/2.4.7 (Ubuntu)
< Location: https://data.nrri.umn.edu/geoserver/index.html
< Content-Length: 336
< Content-Type: text/html; charset=iso-8859-1
<
* Ignoring the response-body
{ [data not shown]
100   336  100   336    0     0  38536      0 --:--:-- --:--:-- --:--:-- 38536
* Connection #0 to host data.nrri.umn.edu left intact
* Issue another request to this URL: 'https://data.nrri.umn.edu/geoserver/index.html'
* Found bundle for host data.nrri.umn.edu: 0x95b8c0
* Hostname was NOT found in DNS cache
*   Trying 131.212.123.7...
* Connected to data.nrri.umn.edu (131.212.123.7) port 443 (#1)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server key exchange (12):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*        subject: C=US; ST=MN; L=Minneapolis; O=University of Minnesota; OU=Natural Resources Research Institute; CN=data.nrri.umn.edu
*        start date: 2017-04-18 00:00:00 GMT
*        expire date: 2020-04-17 23:59:59 GMT
*        subjectAltName: data.nrri.umn.edu matched
*        issuer: C=US; ST=MI; L=Ann Arbor; O=Internet2; OU=InCommon; CN=InCommon RSA Server CA
*        SSL certificate verify ok.
> GET /geoserver/index.html HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache/2.4.7 (Ubuntu) is not blacklisted
< Server: Apache/2.4.7 (Ubuntu)
< Content-Length: 301
< Content-Type: text/html; charset=iso-8859-1
<
{ [data not shown]
100   301  100   301    0     0   4404      0 --:--:-- --:--:-- --:--:--  4404
* Connection #1 to host data.nrri.umn.edu left intact

1 个答案:

答案 0 :(得分:0)

好的,所以发生了两次重定向。我不确定解决第一个问题的好方法(解决方案可能与第二个解决方案一样)。但是第二个,您应该能够在路径中添加尾随/。生成的代理指令将是:

ProxyPass /my-geoserver/ http://127.0.0.1:32770/geoserver/
ProxyPassReverse /my-geoserver/ http://127.0.0.1:32770/geoserver/

首先在http://data.nrri.umn.edu/geoserver/index.html然后使用http://data.nrri.umn.edu/nra-geoserver尝试,然后查看下一步失败的位置。如果前者有效但后者失败,我们可能还需要编辑一些Tomcat配置(以启用远程IP阀https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html)。

相关问题
最新问题