I'm running my Apache Zeppelin instance behind an Apache Webserver, where the webserver only serves as a reserve proxy.
If I'm browsing to the reverse-proxy site https://my-domain.com/zeppelin/
I'm getting a website with assets and buttons and everything, but the websocket of Zeppelin won't connect. The Browser-Dev-Tools are saying 405 HTTP method GET is not supported by this URL
for the URL https://my-domain.com/zeppelin/ws
.
If I'm going direct on the Zeppelin-Website (fe http://priv.my-domain.com/zeppelin
) everything works fine. So it seems like it's not a bug in the Zeppelin-Code but a problem in the reverse-proxy-config.
My Apache reverse-proxy config looks like:
<VirtualHost *:443>
ServerName my-domain.com
# don't loose time with IP address lookups
HostnameLookups Off
ProxyRequests Off
ProxyPreserveHost Off
SSLEngine On
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
...
ssl cert stuff
...
<Location /zeppelin/ws>
ProxyPass ws://priv.my-domain.com:8080/zeppelin/ws
ProxyPassReverse ws://priv.my-domain.com:8080/zeppelin/ws
Order deny,allow
Deny from all
Allow from <my-ip>
</Location>
<Location /zeppelin/>
ProxyPass http://priv.my-domain.com:8080/zeppelin/
ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/
Order deny,allow
Deny from all
Allow from <my-ip>
</Location>
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
It makes no difference if I remove the first ws-location from the config. Have you any idea?
EDIT FOR SOLUTION: After the below answer I modified my conf-file and it's working now! Thank you really much!
My working conf:
<VirtualHost *:443>
ServerName my-domain.com
# don't loose time with IP address lookups
HostnameLookups Off
ProxyRequests Off
ProxyPreserveHost Off
SSLEngine On
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
...
ssl cert stuff
...
<Location /zeppelin/>
ProxyPass http://priv.my-domain.com:8080/zeppelin/
ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/
Order deny,allow
Deny from all
Allow from <my-ip>
</Location>
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
RewriteRule ^/(.*) ws://priv.my-domain.com:8080/$1 [P]
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
This is the conf I am using which has some specifies not necessarily applicable for your needs :
- service discovery in front of a mesos cluster
- one instance per user and routing the user based on the credentials
<VirtualHost *:3128>
<Location "/">
AuthUserFile /.............../users
AuthName "xxxxxxxxxxxxx"
AuthGroupFile /dev/null
AuthType Basic
Require valid-user
</Location>
ServerName xxxxxxxxxxxxxxxxxxxxxxxxxxx
# SSLEngine on
# SSLCertificateFile "/.............../xxxxx.crt"
# SSLCertificateKeyFile "/.............../xxxxx.key"
#RewriteRules for datalab with user
RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
RewriteCond %{LA-U:REMOTE_USER} (aaaa)
RewriteRule ^/(.*) ws://azerty01:31321/$1 [P]
RewriteCond %{LA-U:REMOTE_USER} (aaaa)
RewriteRule ^/(.*) http://azerty01:31321/$1 [P,QSA,L]
ProxyPassReverse / http://azerty01:31321
#RewriteRules for datalab with user
RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
RewriteCond %{LA-U:REMOTE_USER} (bbbb)
RewriteRule ^/(.*) ws://azerty02:31901/$1 [P]
RewriteCond %{LA-U:REMOTE_USER} (bbbb)
RewriteRule ^/(.*) http://azerty02:31901/$1 [P,QSA,L]
ProxyPassReverse / http://azerty02:31901
</VirtualHost>
Here is an Includes file that I created when I wanted to reverse proxy Zeppelin server. You could more or less cut and paste it into a vhosts conf file if preferred.
#
# Apache Reverse Proxy settings for Zeppelin server.
# note:
# Change ZEPPELING_IP_OR_HOST and ZEPPELIN_PORT as appropriate.
#
# FreeBSD put into /usr/local/etc/apache24/Includes directory,
# Linux may vary.
# This is for your-host.your-domain.com/zeppelin
# if you want zeppelin.your-host.your-domain.com
# Put this into a vhosts file.
RequestHeader set X_FORWARDED_PROTO 'https'
ProxyPreserveHost On
RequestHeader set X-Forwarded-Port "443"
ProxyRequests Off
ProxyVia Off
AllowEncodedSlashes NoDecode
<Location /zeppelin/ws>
ProxyPass ws://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin/ws
ProxyPassReverse ws://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppenlin/ws
</Location>
ProxyPass /zeppelin http://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin
ProxyPassReverse /zeppelin http://ZEPPELIN_IP_OR_HOST:ZEPPELIN_PORT/zeppelin
I found that the order of the location directives matters. If you define the zeppelin first then zeppelin/ws as shown below, then everything works. However, the reversed order doesn't work.
<Location /zeppelin/>
ProxyPass http://priv.my-domain.com:8080/zeppelin/
ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/
</Location>
<Location /zeppelin/ws>
ProxyPass ws://priv.my-domain.com:8080/zeppelin/ws
ProxyPassReverse ws://priv.my-domain.com:8080/zeppelin/ws
</Location>
Just to add to this, I was able to use Apache2 with the config below to reroute to my zeppelin instance. The important piece is the websocket connection.
Make sure you add
sudo a2enmod proxy_wstunnel
to the mods. I then ran the following:
sudo a2dissite 000-default
sudo nano /etc/apache2/sites-available/proxy-host.conf
# Insert the following into the proxy-host.conf file
<VirtualHost *:80>
ServerName '<Zeppelin Public IP>:8080'
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://<Zeppelin Public IP>:8080/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://<Zeppelin Public IP>:8080/$1 [P,L]
ProxyPassReverse / http://<Zeppelin Public IP>:8080/
</VirtualHost>
# / text insert
sudo a2ensite proxy-host
sudo nano /etc/apache2/ports.conf
#Add this to the ports.conf file and cntrl+X to save & exit
Listen 8080
sudo /etc/init.d/apache2 restart
Then when you go to http:// reverseproxypublicIP / it'll reroute to your Zeppelin instance. Hope this helps someone!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.