我为以下多个应用程序设置了Apache反向代理:
https://serverxx:8000 -> http://localhost:9000
https://serverxx:8001 -> http://localhost:9001
https://serverxx:8002 -> http://localhost:9002
/etc/httpd/conf.d/下有3个虚拟主机文件可以完成此设置,它们看起来如下:
Listen 8000 https
<VirtualHost *:8000>
ProxyPreserveHost On
SSLProxyEngine on
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
ProxyPass / http://localhost:9000/
ProxyPassReverse / http://localhost:9000/
</VirtualHost>
由于有新要求,需要进行一些大修。现在可以通过https://serverxx:800[0,1,2]访问的3个应用程序应如下所示:
https://serverxx/app1 -> http://localhost:9000
https://serverxx/app2 -> http://localhost:9001
https://serverxx/app3 -> http://localhost:9002
换句话说,serverxx将仅侦听1个端口(443),并且具有3种不同的上下文路径,用于3种不同的代理服务。
这有可能吗?我一直在阅读https://httpd.apache.org/docs/2.4/vhosts/examples.html,但无法得到明确的答案。
谢谢。
答案 0 :(得分:0)
我终于想通了。
对于那些对答案感兴趣的人,关键是为指向多个后端服务器的每个上下文路径添加多个ProxyPass和ProxyPassReverse值。
Listen 8000 https
<VirtualHost *:8000>
ProxyPreserveHost On
SSLProxyEngine on
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
ProxyPass /app1 -> http://localhost:9000
ProxyPassReverse /app1 -> http://localhost:9000
ProxyPass /app2 -> http://localhost:9001
ProxyPassReverse /app2 -> http://localhost:9001
ProxyPass /app3 -> http://localhost:9002
ProxyPassReverse /app3 -> http://localhost:9002
</VirtualHost>