我想通過使用mod_proxy和mod_proxy_wstunnel模塊將流量從Apache重定向到Tomcat。 HTTP流量重定向沒有問題,但我無法成功重定向websocket流量與我到目前爲止嘗試的任何配置。Apache websocket重定向到Tomcat:mod_proxy和mod_proxy_wstunnel
我使用Apache 2.4.28和Tomcat 8.5.13
我必須說,當我使用Tomcat沒有了Apache,WebSockets的工作完全正常:
Tomcat的連接器,對於工程這個配置是下一個:
<Connector URIEncoding="UTF-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript"
compression="on"
compressionMinSize="1024"
connectionTimeout="20000"
noCompressionUserAgents="gozilla, traviata"
port="443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
SSLEnabled="true"
scheme="https"
secure="true">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="/opt/tomcat/cert/privkey.pem"
certificateFile="/opt/tomcat/cert/cert.pem"
certificateChainFile="/opt/tomcat/cert/chain.pem"
type="RSA" />
</SSLHostConfig>
</Connector>
直到這一點很明顯。現在,我在Tomcat中的前啓動Apache服務器,我改的第一件事是Tomcat的連接器是這樣的:
<Connector URIEncoding="UTF-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript"
compression="on"
compressionMinSize="1024"
connectionTimeout="20000"
noCompressionUserAgents="gozilla, traviata"
port="8080"
protocol="org.apache.coyote.http11.Http11AprProtocol">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
</Connector>
在Apache中我成功加載下一個模塊(我已經確認他們真正在加載):
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule ssl_module modules/mod_ssl.so
這是我在vhosts.conf文件試過的配置之一:
<VirtualHost *:443>
ServerName www.example.com
ServerAdmin [email protected]
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog /var/log/httpd/lavnet_access.log combined
ErrorLog /var/log/httpd/lavnet_error.log
SSLProxyEngine on
#websocket
RewriteEngine on
RewriteCond %{HTTP:Upgrade} "(?i)websocket"
RewriteRule ^/(.*)$ wss://www.example.com/$1 [P]
#rest
ProxyPass "/" "http://www.example.com:8080/"
ProxyPassReverse "/" "http://www.example.com:8080/"
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>
這是我已經實現最佳效果的配置,但它仍然沒有工作。在lavnet_error.log日誌痕跡似乎相當不錯,當我嘗試建立此連接:
[Tue Oct 10 16:46:39.014980 2017] [proxy:debug] [pid 10558:tid 47319680603904] proxy_util.c(2209): [client XX.XX.XX.109:11208] AH00944: connecting wss://www.example.com:443/rest/notify/675/fgcw02lm/websocket to www.example.com:443
[Tue Oct 10 16:46:39.016495 2017] [proxy:debug] [pid 10558:tid 47319680603904] proxy_util.c(2418): [client XX.XX.XX.109:11208] AH00947: connected /rest/notify/675/fgcw02lm/websocket to www.example.com:443
[Tue Oct 10 16:46:39.016567 2017] [proxy:debug] [pid 10558:tid 47319680603904] proxy_util.c(2887): AH02824: WSS: connection established with XX.XX.XX.109:443 (*)
[Tue Oct 10 16:46:39.016590 2017] [proxy:debug] [pid 10558:tid 47319680603904] proxy_util.c(3054): AH00962: WSS: connection complete to XX.XX.XX.109:443 (www.example.com)
[Tue Oct 10 16:46:39.016603 2017] [ssl:info] [pid 10558:tid 47319680603904] [remote 217.61.129.109:443] AH01964: Connection to child 0 established (server www.example.com:443)
[Tue Oct 10 16:46:39.026370 2017] [proxy:debug] [pid 10558:tid 47319680603904] proxy_util.c(2171): AH00943: WSS: has released connection for (*)
但是,這是錯誤的Chrome顯示:
我也試過這種其他配置:
<VirtualHost *:443>
ServerName www.example.com
ServerAdmin [email protected]
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog /var/log/httpd/lavnet_access.log combined
ErrorLog /var/log/httpd/lavnet_error.log
SSLProxyEngine on
ProxyPass "/rest/notify/" "wss://www.example.com:8080/rest/notify"
ProxyPassReverse "/rest/notify/" "wss://www.example.com:8080/rest/notify"
ProxyPass "/" "http://www.example.com:8080/"
ProxyPassReverse "/" "http://www.example.com:8080/"
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>
但在這種情況下,我得到一個「500(內部服務器錯誤或)」,也我可以看到未來痕跡lavnet_error.log:
[Tue Oct 10 17:14:14.778824 2017] [proxy:warn] [pid 11924:tid 47694559057664] [client XX.XX.XXX.189:11665] AH01144: No protocol handler was valid for the URL /rest/notify/info (scheme 'wss'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule., referer: https://www.example.com/equipment-command-panel/8287/8482
我已經嘗試了很多配置,但我不能得到這個工作。我希望你能幫助我。
謝謝。