Linux – Apache ProxyPass & ProxyPassReverse

測試環境為 CentOS 8 x86_64

因為我的工作環境有兩個網段,其中 172.16.0.x 有一台 Web Server (172.16.0.2) ,從 10 網段的人無法與其相連,這時候可以透過 2 種方式.

  1. Apache ProxyPass & ProxyPassReverse (仲介伺服器) – 這邊介紹
  2. NAT Port Forwarding 或 DNAT ( Destination Network Address Translation) – http://benjr.tw/103990

目的是把 Web Server IP:Port 172.16.0.2:80 ProxyPass 到 10.32.55.145:80 如下圖.

172.16.0.2


安裝 Apache Web Server .

[root@localhost ~]# yum install -y httpd
[root@localhost ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2017-07-21 12:03:23 CST; 5s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 6418 (httpd)
   Status: "Processing requests..."
   CGroup: /system.slice/httpd.service
           ├─6418 /usr/sbin/httpd -DFOREGROUND
           ├─6419 /usr/sbin/httpd -DFOREGROUND
           ├─6420 /usr/sbin/httpd -DFOREGROUND
           ├─6421 /usr/sbin/httpd -DFOREGROUND
           ├─6422 /usr/sbin/httpd -DFOREGROUND
           └─6423 /usr/sbin/httpd -DFOREGROUND

如果連不上請先確一下 Firewall 的狀態.

[root@localhost ~]# systemctl stop firewalld

CentOS 8 搭配的 Apache 沒有預設網頁,可以自行建立 index.html 來測試.

[root@localhost ~]# echo Apache on CentOS 8 > /var/www/html/index.html

172.16.0.1 / 10.32.55.145


安裝 Apache Web Server .

[root@localhost ~]# yum install -y httpd

設定 Apache ProxyPass & ProxyPassReverse , 新增以下 VirtualHost 區塊.

[root@localhost ~]# vi /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
  ProxyPreserveHost on
  ProxyPass "/camera" "http://172.16.0.2:80"
  ProxyPassReverse "/camera" "http://172.16.0.2:80"
</VirtualHost>

這樣 reverse proxy 收到 http://10.32.55.145/camera 的 request 之後就會去 http://172.16.0.2 讀取資料並回傳給使用者.

  • – 設定 VirtualHost 並使用 80 埠
  • ProxyPreserveHost on – 啟動 ProxyPreserveHost
  • ProxyPass “/camera” “http://172.16.0.2:80” – Maps remote servers into the local server URL-space.
  • ProxyPassReverse “/camera” “http://172.16.0.2:80” – Adjusts the URL in HTTP response headers sent from a reverse proxied server.

啟動 Web Server.

[root@localhost ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2017-07-21 12:03:23 CST; 5s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 6418 (httpd)
   Status: "Processing requests..."
   CGroup: /system.slice/httpd.service
           ├─6418 /usr/sbin/httpd -DFOREGROUND
           ├─6419 /usr/sbin/httpd -DFOREGROUND
           ├─6420 /usr/sbin/httpd -DFOREGROUND
           ├─6421 /usr/sbin/httpd -DFOREGROUND
           ├─6422 /usr/sbin/httpd -DFOREGROUND
           └─6423 /usr/sbin/httpd -DFOREGROUND

測試一下從 10.32.55.145 可以看到 172.16.0.2 的網頁.

[root@localhost ~]# curl htt://172.16.0.2
Apache on CentOS 8
[root@localhost ~]# curl htt://10.32.55.145/camera
Apache on CentOS 8
沒有解決問題,試試搜尋本站其他內容

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料