リバースプロキシ(バーチャルホスト)

この設定は、Centos 6.4 にてWEBサーバーを複数設置する為にリバースプロキシを用いて、
WEBサーバーとフロントエンドサーバーを別々に設けた設定例です。

この設定では、各WEBサーバーのIPアドレスを指定し直接WEBサーバーを呼び出している為、
内部DNSサーバーを設ける必要がありません。

クライアントからWEBサーバーまでのアクセス・レスポンスの流れは下記 pdf を参照してください。
reverse proxy.pdf へのリンク



フロントエンドサーバーの設定(抜粋)

下記ファイルは、フロントエンドサーバー側のhttpd.conf の抜粋です。
/etc/httpd/conf/httpd.conf

001 | #
002 | # Listen: Allows you to bind Apache to specific IP addresses and/or
003 | # ports, in addition to the default. See also the <VirtualHost>
004 | # directive.
005 | #
006 | # Change this to Listen on specific IP addresses as shown below to
007 | # prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
008 | #
009 | #Listen 12.34.56.78:80
010 | Listen 80 <----------------------------------------------------------------------------あるのを確認無ければ追加
011 |
012 | #
013 | # Dynamic Shared Object (DSO) Support
014 | #
015 | # To be able to use the functionality of a module which was built as a DSO you
016 | # have to place corresponding `LoadModule' lines at this location so the
017 | # directives contained in it are actually available _before_ they are used.
018 | # Statically compiled modules (those listed by `httpd -l') do not need
019 | # to be loaded here.
020 | #
021 | # Example:
022 | # LoadModule foo_module modules/mod_foo.so
023 | #
024 | LoadModule auth_basic_module modules/mod_auth_basic.so
025 | LoadModule auth_digest_module modules/mod_auth_digest.so
026 | LoadModule authn_file_module modules/mod_authn_file.so
027 | LoadModule authn_alias_module modules/mod_authn_alias.so
028 | LoadModule authn_anon_module modules/mod_authn_anon.so
029 | LoadModule authn_dbm_module modules/mod_authn_dbm.so
030 | LoadModule authn_default_module modules/mod_authn_default.so
031 | LoadModule authz_host_module modules/mod_authz_host.so
032 | LoadModule authz_user_module modules/mod_authz_user.so
033 | LoadModule authz_owner_module modules/mod_authz_owner.so
034 | LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
035 | LoadModule authz_dbm_module modules/mod_authz_dbm.so
036 | LoadModule authz_default_module modules/mod_authz_default.so
037 | LoadModule ldap_module modules/mod_ldap.so
038 | LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
039 | LoadModule include_module modules/mod_include.so
040 | LoadModule log_config_module modules/mod_log_config.so
041 | LoadModule logio_module modules/mod_logio.so
042 | LoadModule env_module modules/mod_env.so
043 | LoadModule ext_filter_module modules/mod_ext_filter.so
044 | LoadModule mime_magic_module modules/mod_mime_magic.so
045 | LoadModule expires_module modules/mod_expires.so
046 | LoadModule deflate_module modules/mod_deflate.so
047 | LoadModule headers_module modules/mod_headers.so
048 | LoadModule usertrack_module modules/mod_usertrack.so
049 | LoadModule setenvif_module modules/mod_setenvif.so
050 | LoadModule mime_module modules/mod_mime.so
051 | LoadModule dav_module modules/mod_dav.so
052 | LoadModule status_module modules/mod_status.so
053 | LoadModule autoindex_module modules/mod_autoindex.so
054 | LoadModule info_module modules/mod_info.so
055 | LoadModule dav_fs_module modules/mod_dav_fs.so
056 | LoadModule vhost_alias_module modules/mod_vhost_alias.so
057 | LoadModule negotiation_module modules/mod_negotiation.so
058 | LoadModule dir_module modules/mod_dir.so
059 | LoadModule actions_module modules/mod_actions.so
060 | LoadModule speling_module modules/mod_speling.so
061 | LoadModule userdir_module modules/mod_userdir.so
062 | LoadModule alias_module modules/mod_alias.so
063 | LoadModule substitute_module modules/mod_substitute.so
064 | LoadModule rewrite_module modules/mod_rewrite.so
065 | LoadModule proxy_module modules/mod_proxy.so <----------------------------------------あるのを確認無ければ追加
066 | LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
067 | LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
068 | LoadModule proxy_http_module modules/mod_proxy_http.so <-------------------------------あるのを確認無ければ追加
069 | LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
070 | LoadModule proxy_connect_module modules/mod_proxy_connect.so
071 | LoadModule cache_module modules/mod_cache.so
072 | LoadModule suexec_module modules/mod_suexec.so
073 | LoadModule disk_cache_module modules/mod_disk_cache.so
074 | LoadModule cgi_module modules/mod_cgi.so
075 | LoadModule version_module modules/mod_version.so
076 |
077 | #
078 | # ServerName gives the name and port that the server uses to identify itself.
079 | # This can often be determined automatically, but we recommend you specify
080 | # it explicitly to prevent problems during startup.
081 | #
082 | # If this is not set to valid DNS name for your host, server-generated
083 | # redirections will not work. See also the UseCanonicalName directive.
084 | #
085 | # If your host doesn't have a registered DNS name, enter its IP address here.
086 | # You will have to access it by its address anyway, and this will make
087 | # redirections work in a sensible way.
088 | #
089 | #ServerName www.example.com:80
090 | #ServerName www.hoge.com:80 <----------------------------------------------------------サーバネームは設定しません
091 |
092 | #
093 | # Use name-based virtual hosting.
094 | #
095 |
096 | NameVirtualHost *:80 <-----------------------------------------------------------------この行追加
097 |
098 | #
099 | # NOTE: NameVirtualHost cannot be used without a port specifier
100 | # (e.g. :80) if mod_ssl is being used, due to the nature of the
101 | # SSL protocol.
102 | #
103 |
104 | #
105 | # VirtualHost example:
106 | # Almost any Apache directive may go into a VirtualHost container.
107 | # The first VirtualHost section is used for requests without a known
108 | # server name.
109 | #
110 | #<VirtualHost *:80>
111 | # ServerAdmin webmaster@dummy-host.example.com
112 | # DocumentRoot /www/docs/dummy-host.example.com
113 | # ServerName dummy-host.example.com
114 | # ErrorLog logs/dummy-host.example.com-error_log
115 | # CustomLog logs/dummy-host.example.com-access_log common
116 | #</VirtualHost>
117 |



下記ファイルの作成。
httpd.conf で定義されていない部分をconf.dディレクトリより読み込みます。
最初に virtualhost-00 が読み込まれ次に virtualhost-example が読み込まれます。
virtualhost-00 は未定義サーバネームでアクセスされた場合、アクセス拒否をする設定です。
今回の例ではDDNS側で間違った設定がされないかぎり必要ありませんが、念の為設けました。
virtualhost-example がリバースプロキシの設定となります。

/etc/httpd/conf.d/virtualhost-00.conf

1 | <VirtualHost *:80>
2 |      ServerName any
3 |      <Location />
4 |            Order deny,allow
5 |            Deny from all
6 |      </Location>
7 | </VirtualHost>
8 |

/etc/httpd/conf.d/virtualhost-example.conf

01 | <VirtualHost *:80>
02 |      ProxyRequests Off
03 |      ServerName www1.exaexa1.com
04 |      ProxyPass / http://192.168.2.101/
05 |      ProxyPassReverse / http://192.168.2.101/
06 |      Customlog logs/exaexa1-access_log Combined env=!no_log
07 |      ErrorLog logs/exaexa1-error_log
08 | </VirtualHost>
09 |
10 | <VirtualHost *:80>
11 |      ProxyRequests Off
12 |      ServerName www2.mplemple2.com
13 |      ProxyPass / http://192.168.2.101/
14 |      ProxyPassReverse / http://192.168.2.101/
15 |      Customlog logs/exaexa1-access_log Combined env=!no_log
16 |      ErrorLog logs/exaexa1-error_log
17 | </VirtualHost>
18 |
19 | <VirtualHost *:80>
20 |      ProxyRequests Off
21 |      ServerName www3.example3.com
22 |      ProxyPass / http://192.168.2.102/
23 |      ProxyPassReverse / http://192.168.2.102/
24 |      Customlog logs/example3-access_log Combined env=!no_log
25 |      ErrorLog logs/example3-error_log
26 | </VirtualHost>
27 |
28 |



WEBサーバーの設定(抜粋)

下記ファイルは、WEBサーバー側のhttpd.conf の抜粋です。
サーバーネームは適当に設定します。
クライアントから見た場合、サーバー名はDDNS及びリバースプロキシで設定されたサーバー名になります。
/etc/httpd/conf/httpd.conf

01 | #
02 | # ServerName gives the name and port that the server uses to identify itself.
03 | # This can often be determined automatically, but we recommend you specify
04 | # it explicitly to prevent problems during startup.
05 | #
06 | # If this is not set to valid DNS name for your host, server-generated
07 | # redirections will not work. See also the UseCanonicalName directive.
08 | #
09 | # If your host doesn't have a registered DNS name, enter its IP address here.
10 | # You will have to access it by its address anyway, and this will make
11 | # redirections work in a sensible way.
12 | #
13 | ServerName www.axeaxe.jp:80 <----------------------------------------------------------サーバーネームの設定(仮)
14 |
15 | #
16 | # Use name-based virtual hosting.
17 | #
18 | #NameVirtualHost *:80
19 | #
20 | # NOTE: NameVirtualHost cannot be used without a port specifier
21 | # (e.g. :80) if mod_ssl is being used, due to the nature of the
22 | # SSL protocol.
23 | #
24 |
25 | #
26 | # VirtualHost example:
27 | # Almost any Apache directive may go into a VirtualHost container.
28 | # The first VirtualHost section is used for requests without a known
29 | # server name.
30 | #
31 | #<VirtualHost *:80>
32 | # ServerAdmin webmaster@dummy-host.example.com
33 | # DocumentRoot /www/docs/dummy-host.example.com
34 | # ServerName dummy-host.example.com
35 | # ErrorLog logs/dummy-host.example.com-error_log
36 | # CustomLog logs/dummy-host.example.com-access_log common
37 | #</VirtualHost>
38 |