stackoom
  简体   繁体   中英

Apache Zeppelin behind Apache reverse proxy

 原文  2016-09-15 17:16:36       apache/ websocket/ reverse-proxy/ apache-zeppelin

Question

I'm running my Apache Zeppelin instance behind an Apache Webserver, where the webserver only serves as a reserve proxy.

If I'm browsing to the reverse-proxy site https://my-domain.com/zeppelin/ I'm getting a website with assets and buttons and everything, but the websocket of Zeppelin won't connect. The Browser-Dev-Tools are saying 405 HTTP method GET is not supported by this URL for the URL https://my-domain.com/zeppelin/ws .

If I'm going direct on the Zeppelin-Website (fe http://priv.my-domain.com/zeppelin ) everything works fine. So it seems like it's not a bug in the Zeppelin-Code but a problem in the reverse-proxy-config.

My Apache reverse-proxy config looks like:

<VirtualHost *:443>
    ServerName my-domain.com
    # don't loose time with IP address lookups
    HostnameLookups Off
    ProxyRequests Off
    ProxyPreserveHost Off
    SSLEngine On
    SSLProxyEngine On
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    ...
    ssl cert stuff
    ...
    <Location /zeppelin/ws>

        ProxyPass ws://priv.my-domain.com:8080/zeppelin/ws
        ProxyPassReverse ws://priv.my-domain.com:8080/zeppelin/ws

        Order deny,allow
        Deny from all

        Allow from <my-ip>

    </Location>

    <Location /zeppelin/>

        ProxyPass http://priv.my-domain.com:8080/zeppelin/
        ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/

        Order deny,allow
        Deny from all

        Allow from <my-ip>

    </Location>
    <Proxy *>
        AddDefaultCharset Off
        Order deny,allow
        Allow from all
    </Proxy>
</VirtualHost>

It makes no difference if I remove the first ws-location from the config. Have you any idea?

EDIT FOR SOLUTION: After the below answer I modified my conf-file and it's working now! Thank you really much!

My working conf:

<VirtualHost *:443>
    ServerName my-domain.com
    # don't loose time with IP address lookups
    HostnameLookups Off
    ProxyRequests Off
    ProxyPreserveHost Off
    SSLEngine On
    SSLProxyEngine On
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    ...
    ssl cert stuff
    ...
    <Location /zeppelin/>

        ProxyPass http://priv.my-domain.com:8080/zeppelin/
        ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/

        Order deny,allow
        Deny from all

        Allow from <my-ip>

    </Location>
    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
    RewriteRule ^/(.*) ws://priv.my-domain.com:8080/$1 [P]
    <Proxy *>
        AddDefaultCharset Off
        Order deny,allow
        Allow from all
    </Proxy>
</VirtualHost>

4 answers

solution1
 3 ACCPTED  2016-09-19 14:23:38

This is the conf I am using which has some specifies not necessarily applicable for your needs :
- service discovery in front of a mesos cluster
- one instance per user and routing the user based on the credentials 

<VirtualHost *:3128>
    <Location "/"> 
      AuthUserFile  /.............../users
      AuthName "xxxxxxxxxxxxx" 
      AuthGroupFile /dev/null 
      AuthType Basic 
      Require valid-user
    </Location> 
    ServerName xxxxxxxxxxxxxxxxxxxxxxxxxxx
    # SSLEngine on
    # SSLCertificateFile "/.............../xxxxx.crt"
    # SSLCertificateKeyFile "/.............../xxxxx.key"

  #RewriteRules for datalab with user
  RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
  RewriteCond %{LA-U:REMOTE_USER} (aaaa)
  RewriteRule ^/(.*) ws://azerty01:31321/$1 [P]
  RewriteCond %{LA-U:REMOTE_USER} (aaaa)
  RewriteRule ^/(.*) http://azerty01:31321/$1 [P,QSA,L]
  ProxyPassReverse / http://azerty01:31321

  #RewriteRules for datalab with user
  RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
  RewriteCond %{LA-U:REMOTE_USER} (bbbb)
  RewriteRule ^/(.*) ws://azerty02:31901/$1 [P]
  RewriteCond %{LA-U:REMOTE_USER} (bbbb)
  RewriteRule ^/(.*) http://azerty02:31901/$1 [P,QSA,L]
  ProxyPassReverse / http://azerty02:31901

</VirtualHost>

solution2
 1  2016-10-27 00:06:36

Here is an Includes file that I created when I wanted to reverse proxy Zeppelin server. You could more or less cut and paste it into a vhosts conf file if preferred.

#
# Apache Reverse Proxy settings for Zeppelin server.
# note:
#  Change ZEPPELING_IP_OR_HOST and ZEPPELIN_PORT as appropriate.
#
# FreeBSD put into /usr/local/etc/apache24/Includes directory,
# Linux may vary.

# This is for your-host.your-domain.com/zeppelin 
# if you want zeppelin.your-host.your-domain.com
# Put this into a vhosts file.

RequestHeader set X_FORWARDED_PROTO 'https'
ProxyPreserveHost On
RequestHeader set X-Forwarded-Port "443"
ProxyRequests     Off
ProxyVia Off
AllowEncodedSlashes NoDecode


<Location /zeppelin/ws>
    ProxyPass  ws://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin/ws 
    ProxyPassReverse ws://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppenlin/ws
</Location>

ProxyPass        /zeppelin     http://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin 
ProxyPassReverse /zeppelin     http://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin

solution3
 1  2019-11-28 14:14:27

I found that the order of the location directives matters. If you define the zeppelin first then zeppelin/ws as shown below, then everything works. However, the reversed order doesn't work.

   <Location /zeppelin/>
        ProxyPass http://priv.my-domain.com:8080/zeppelin/
        ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/
    </Location>
    <Location /zeppelin/ws>
        ProxyPass ws://priv.my-domain.com:8080/zeppelin/ws
        ProxyPassReverse ws://priv.my-domain.com:8080/zeppelin/ws
    </Location>

solution4
 0  2017-01-27 15:49:13

Just to add to this, I was able to use Apache2 with the config below to reroute to my zeppelin instance. The important piece is the websocket connection.

Make sure you add

sudo a2enmod proxy_wstunnel

to the mods. I then ran the following:

sudo a2dissite 000-default
sudo nano /etc/apache2/sites-available/proxy-host.conf
    # Insert the following into the proxy-host.conf file
    <VirtualHost *:80>
      ServerName '<Zeppelin Public IP>:8080'
      RewriteEngine On
      RewriteCond %{HTTP:Upgrade} =websocket [NC]
      RewriteRule /(.*)           ws://<Zeppelin Public IP>:8080/$1 [P,L]
      RewriteCond %{HTTP:Upgrade} !=websocket [NC]
     RewriteRule /(.*)           http://<Zeppelin Public IP>:8080/$1 [P,L]
     ProxyPassReverse / http://<Zeppelin Public IP>:8080/
    </VirtualHost>
    # / text insert
sudo a2ensite proxy-host
sudo nano /etc/apache2/ports.conf
   #Add this to the ports.conf file and cntrl+X to save & exit  
   Listen 8080
sudo /etc/init.d/apache2 restart

Then when you go to http:// reverseproxypublicIP / it'll reroute to your Zeppelin instance. Hope this helps someone!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Running Apache Zeppelin with nginx as reverse proxy Using Joomla on Apache behind Apache Reverse Proxy Harbor 2.5.0 behind Apache reverse proxy Directory listing behind a reverse proxy in apache Rails in a subdirectory behind apache reverse proxy Apache 2.2 reverse-proxy behind Nexus 3 Spring security behind Apache reverse proxy How to reverse proxy a host with apache that is behind a forward proxy Issues with self-signed certificate behind an Apache reverse-proxy? Docker - Configuring PhpMyAdmin container behind Apache reverse proxy container
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM