17.4. Web Server Configuration
17.4.1. About the Standalone Apache HTTP Server
17.4.2. HTTPD Variable Conventions
Product | HTTPD_CONF | HTTPD_MODULES |
---|---|---|
Red Hat Enterprise Linux | /etc/httpd/conf | /etc/httpd/modules |
HPUX | /opt/hpws/apache/conf | /opt/hpws/apache/modules |
Product | HTTPD_CONF | HTTPD_MODULES |
---|---|---|
Red Hat Enterprise Linux | /HTTPD_HOME/EWS-ROOT/httpd/conf | /HTTPD_HOME/EWS-ROOT/httpd/modules |
Solaris | /HTTPD_HOME/EWS-ROOT/etc/httpd/conf |
/HTTPD_HOME/EWS-ROOT/lib/httpd/modules
or
/HTTPD_HOME/EWS-ROOT/lib64/httpd/modules
|
Windows | /HTTPD_HOME/EWS-ROOT/etc/httpd/conf |
/HTTPD_HOME/EWS-ROOT/lib/httpd/modules
or
/HTTPD_HOME/EWS-ROOT/lib64/httpd/modules
|
17.4.3. Install Apache HTTP Server in Red Hat Enterprise Linux 5, 6, and 7 (Zip)
Prerequisites
- Root-level or administrator access.
- A supported version of Java installed.
- The following packages installed:
krb5-workstation
mod_auth_kerb
(required for Kerberos functionality)elinks
(required for theapachectl
functionality)apr-util-devel
(Apache Portability Runtime (APR))apr-util-ldap
(Red Hat Enterprise Linux 7 only, required for LDAP authentication functionality)
Apache HTTP Server
Zip archive contains symbolic links to several Kerberos modules, which is why the mod_auth_kerb
package is a prerequisite. If Kerberos functionality is not required, there is no need to install the mod_auth_kerb
package and the associated symbolic link can be deleted: EAP_HOME/httpd/modules/mod_auth_kerb.so
.
Procedure 17.3. Install the Apache HTTP Server
Navigate to the JBoss EAP downloads list for your platform, on the Red Hat Customer Portal.
Log in to the Customer Portal and navigate to the Software Downloads page. Select the appropriate and .Choose the Apache HTTP Server binary from the list.
Find the Apache HTTP Server option for your operating system and architecture. Click the Download link. A Zip file containing the Apache HTTP Server distribution downloads to your computer.Extract the Zip to the system where the Apache HTTP Server binary will run.
Extract the Zip file on your preferred server, to a temporary location. The Zip file will contain thehttpd
directory under a jboss-ews-version-number folder. Copy thehttpd
folder and place it inside the EAP_HOME directory.Your Apache HTTP Server is now located in theEAP_HOME/httpd/
directory. This directory is referred to as HTTPD_HOME.Run the Post-installation script and create the
apache
user and group accountsIn a terminal emulator, navigate to theEAP_HOME/httpd
directory and execute the following command withroot
user privileges../.postinstall
Next, verify that theapache
user exists on the system by running the following command:id apache
If the user does not exist then it will need to be added, along with the appropriate usergroup. In order to achieve this, execute the following withroot
user privileges:getent group apache >/dev/null || groupadd -g 48 -r apache getent passwd apache >/dev/null || useradd -r -u 48 \ -g apache -s /sbin/nologin -d HTTPD_HOME/httpd/www -c "Apache" apache
Once this is completed, if theapache
user will be running the Apache HTTP Server service, then the ownership of the HTTP directories will need to be changed to reflect this:chown -R apache:apache httpd
To test that the above commands have been successful, check that theapache
user has execution permission to the Apache HTTP Server install path.ls -l
The output should be similar to:drwxrwxr-- 11 apache apache 4096 Feb 14 06:52 httpd
Configure the Apache HTTP Server.
Prior to starting the Apache HTTP Server, configure it to meet the needs of your organization. You can use the documentation available from the Apache Foundation at http://httpd.apache.org/ for general guidance.Start the Apache HTTP Server.
Start the Apache HTTP Server using the following command:HTTPD_HOME/httpd/sbin/apachectl start
Stop the Apache HTTP Server.
To stop the Apache HTTP Server, issue the following command:HTTPD_HOME/httpd/sbin/apachectl stop
17.4.4. Install Apache HTTP Server in Red Hat Enterprise Linux (RHEL) 5, 6, and 7 (RPM)
Prerequisites
- Root-level access.
- The latest version of elinks package installed (required for the apachectl functionality).
- Subscribe to Red Hat Enterprise Linux (RHEL) channels (to install Apache HTTP Server from RHEL channels).
- Subscribe to
jbappplatform-6-ARCH-server-VERS-rpm
Red Hat Network (RHN) channel (to install EAP specific distribution of Apache HTTP Server).
- From Red Hat Enterprise Linux (RHEL) channels: An active subscription to Red Hat Enterprise Linux (RHEL) channels is necessary to install Apache HTTP server.
- From
jbappplatform-6-ARCH-server-VERS-rpm
channel (JBoss EAP specific distribution): JBoss EAP distributes its own version of the Apache HTTP Server. An active subscription tojbappplatform-6-ARCH-server-VERS-rpm
channel is necessary to install the JBoss EAP specific distribution of Apache HTTP Server.
Procedure 17.4. Install and Configure Apache HTTP Server in Red Hat Enterprise Linux 5 and 6 (RPM)
Install
httpd
To install the JBoss EAP specific version ofhttpd
package run the following command:yum install httpd
To installhttpd
explicitly from Red Hat Enterprise Linux (RHEL) channels run the following command:yum install httpd --disablerepo=jbappplatform-6-*
Note
You must run only one of the above commands to install thehttpd
package on your system.Set the Service Boot Behavior
You can define the service behavior for thehttpd
service at boot from the command line or with the service configuration graphical tool. Run the following command to define the behavior:chkconfig httpd on
To use the service configuration tool run the following command and change the service setting in the displayed window:system-config-services
Start
httpd
Starthttpd
using the following command:service httpd start
Stop
httpd
Stophttpd
using the following command:service httpd stop
Procedure 17.5. Install and Configure Apache HTTP Server in Red Hat Enterprise Linux 7 (RPM)
Install
httpd22
To install the JBoss EAP specific version ofhttpd22
package run the following command:yum install httpd22
Set the Service Boot Behavior
Run the following command to start thehttpd22
service at boot:systemctl enable httpd22.service
Start
httpd22
Starthttpd22
using the following command:systemctl start httpd22.service
Stop
httpd22
Stophttpd22
using the following command:systemctl stop httpd22.service
17.4.5. Manage Apache HTTP Server Service for Microsoft Windows Server Environment
Procedure 17.6. Install the Apache HTTP Server service for Microsoft Windows Server environment
Install the Apache HTTP Server service using this command.
cd /D "%EWS_HOME%\bin" httpd -k install
This command installs an Apache HTTP Server service named Apache2.2.To specify a different name for the service, for example, ApacheBalancer, use the following command.cd /D "%EWS_HOME%\bin" httpd -k install -n ApacheBalancer
Procedure 17.7. Start the Apache HTTP Server service for Microsoft Windows Server environment
To start a service, you can either use httpd.exe or service manager.
Using httpd.exe:cd /D "%EWS_HOME%\bin" httpd -k start -n Apache2.2
Using service manager:net start Apache2.2
Procedure 17.8. Stop the Apache HTTP Server service for Microsoft Windows Server environment
To stop a service, you can either use httpd.exe or service manager.
Using httpd.exe:cd /D "%EWS_HOME%\bin" httpd -k stop -n Apache2.2
Using service manager:net stop Apache2.2
Procedure 17.9. Uninstall the Apache HTTP Server service for Microsoft Windows Server environment
To uninstall a service, it must be referenced by name. For example, to uninstall the service names ApacheBalancer, use the following command.
cd /D "%EWS_HOME%\bin" httpd -k uninstall -n ApacheBalancer
17.4.6. mod_cluster Configuration on Apache HTTP Server
The mod_cluster connector is an Apache HTTP Server-based load balancer. It uses a communication channel to forward requests from the Apache HTTP Server to one of a set of application server nodes. The following derivatives can be set to configure mod_cluster.
Note
Derivative | Description | Values |
---|---|---|
CreateBalancers | Defines how the balancers are created in the Apache HTTP Server VirtualHosts. This allows directives like: ProxyPass /balancer://mycluster1/ . |
0: Create all VirtualHosts defined in Apache HTTP Server
1: Do not create balancers (at least one ProxyPass or ProxyMatch is required to define the balancer names)
2: Create only the main server
Default: 2
While using the value 1, do not forget to configure the balancer in the ProxyPass directive, because the default is an empty stickysession and
nofailover=Off and the values received via the MCMP CONFIG message are ignored.
|
UseAlias | Check that the alias corresponds to the server name. |
0: Ignore aliases
1: Check aliases
Default: 0
|
LBstatusRecalTime | Time interval in seconds for loadbalancing logic to recalculate the status of a node. |
Default: 5 seconds
|
WaitBeforeRemove | Time in seconds before a removed node is forgotten by httpd. |
Default: 10 seconds
|
ProxyPassMatch/ProxyPass |
ProxyPassMatch and ProxyPass are mod_proxy directives which, when using
! (instead of the back-end URL), prevent reverse-proxy in the path. This is used to allow Apache HTTP Server to serve static content. For example,
ProxyPassMatch ^(/.*\.gif)$ !
The above example allows the Apache HTTP Server to serve the
.gif files directly.
|
<subsystem xmlns="urn:jboss:domain:modcluster:1.2"> <mod-cluster-config advertise-socket="modcluster" connector="ajp"> - <dynamic-load-provider> - <load-metric type="busyness"/> - </dynamic-load-provider> + <simple-load-provider factor="0"/> </mod-cluster-config> </subsystem>
- Node A, Load: 10
- Node B, Load: 10
- Node C, Load: 0
The context of a mod_manager directive is VirtualHost in all cases, except when mentioned otherwise. server config
context implies that the directive must be outside a VirtualHost configuration. If not, an error message is displayed and the Apache HTTP Server does not start.
Derivative | Description | Values |
---|---|---|
EnableMCPMReceive | Allow the VirtualHost to receive the MCPM from the nodes. Include EnableMCPMReceive in the Apache HTTP Server configuration to allow mod_cluster to work. Save it in the VirtualHost where you configure advertising. | |
MemManagerFile |
The base name for the names that mod_manager uses to store configuration, generate keys for shared memory or locked files. This must be an absolute path name; the directories are created if needed. It is recommended that these files are placed on a local drive and not an NFS share.
Context: server config
| $server_root/logs/
|
Maxcontext | The maximum number of contexts supported by mod_cluster
Context: server config
|
Default: 100
|
Maxnode | The maximum number of nodes supported by mod_cluster.
Context: server config
|
Default: 20
|
Maxhost | The maximum number of hosts (aliases) supported by mod_cluster. It also includes the maximum number of balancers.
Context: server config
| Default: 20 |
Maxsessionid |
The number of active
sessionid stored to provide the number of active sessions in the mod_cluster-manager handler. A session is inactive when mod_cluster does not receive any information from the session within 5 minutes.
Context: server config
This field is for demonstration and debugging purposes only.
| 0: the logic is not activated. |
MaxMCMPMaxMessSize | The maximum size of MCMP messages from other Max directives | Calculated from other Max directives. Min: 1024 |
ManagerBalancerName | The name of balancer to use when the JBoss EAP instance does not provide a balancer name. | mycluster
|
PersistSlots | Tells mod_slotmem to persist nodes, aliases and contexts in files.
Context: server config
| Off |
CheckNonce | Switch check of nonce when using mod_cluster-manager handler. |
on/off
Default: on -
Nonce checked
|
AllowDisplay | Switch additional display on mod_cluster-manager main page. |
on/off
Default: off - only version is displayed
|
AllowCmd | Allow commands using mod_cluster-manager URL. |
on/off
Default: on - Commands allowed
|
ReduceDisplay | Reduce the information displayed on the main mod_cluster-manager page, so that more nodes can be displayed on the page. |
on/off
Default: off - full information is displayed
|
SetHandler mod_cluster-manager |
Displays information about the node that mod_cluster sees from the cluster. The information includes generic information and additionally counts the number of active sessions.
<Location /mod_cluster-manager> SetHandler mod_cluster-manager Order deny,allow Allow from 127.0.0.1 </Location> |
on/off
Default: off
|
Note
httpd.conf
:
17.4.7. Use an External Web Server as the Web Front-end for JBoss EAP 6 Applications
For reasons to use an external web server as the web front-end, as well as advantages and disadvantages of the different HTTP connectors supported by JBoss EAP 6, refer to Section 17.2.3, “Overview of HTTP Connectors”. In some situations, you can use the Apache HTTP Server that comes with your operating system. Otherwise, you can use the Apache HTTP Server that ships as part of JBoss Enterprise Web Server.
17.4.8. Configure JBoss EAP 6 to Accept Requests From External Web Servers
JBoss EAP 6 does not need to know which proxy it is accepting requests from, only the port and protocol to look for. This is not true of mod_cluster
, which is more tightly coupled to the configuration of JBoss EAP 6. But the following task works for mod_jk
, mod_proxy
, ISAPI connector
, and NSAPI connector
. Substitute the protocols and ports in the examples with the ones you need to configure.
mod_cluster
, refer to Section 17.6.6, “Configure a mod_cluster Worker Node”.
Prerequisites
- You need to be logged into the Management CLI or Management Console to perform this task. The exact steps in the task use the Management CLI, but the same basic procedure is used in the Management Console.
- You need a list of which protocols you will be using, whether HTTP, HTTPS, or AJP.
Procedure 17.10. Edit Configuration and add Socket Bindings
Configure the
jvmRoute
system property.For a standalone mode instance, remove the prefix/host=NODE_NAME
. ReplaceNODE_NAME
with the name of the host./host=NODE_NAME/system-property=jvmRoute/:add(value=NODE_NAME)
List the connectors available in the web subsystem.
Note
This step is only necessary if you are not using theha
orfull-ha
profiles for either a standalone server, or a server group in a Managed Domain. Those configurations already include all of the necessary connectors.In order for an external web server to be able to connect to JBoss EAP 6's web server, the web subsystem needs a connector. Each protocol needs its own connector, which is tied to a socket group.To list the connectors currently available, issue the following command:/subsystem=web:read-children-names(child-type=connector)
If there is no line indicating the connector your need (HTTP, HTTPS, AJP), you need to add the connector.Read the configuration of a connector.
To see the details of how a connector is configured, you can read its configuration. The following command reads the configuration of the AJP connector. The other connectors have similar configuration output./subsystem=web/connector=ajp:read-resource(recursive=true)
{ "outcome" => "success", "result" => { "enable-lookups" => false, "enabled" => true, "max-post-size" => 2097152, "max-save-post-size" => 4096, "protocol" => "AJP/1.3", "redirect-port" => 8443, "scheme" => "http", "secure" => false, "socket-binding" => "ajp", "ssl" => undefined, "virtual-server" => undefined } }Add the necessary connectors to the web subsystem.
To add a connector to the web subsystem, it must have a socket binding. The socket binding is added to the socket binding group used by your server or server group. The following steps assume that your server group isserver-group-one
and that your socket binding group isstandard-sockets
.Add a socket to the socket binding group.
To add a socket to the socket binding group, issue the following command, replacing the protocol and port with the ones you need./socket-binding-group=standard-sockets/socket-binding=ajp:add(port=8009)
Add the socket binding to the web subsystem.
Issue the following command to add a connector to the web subsystem, substituting the socket binding name and protocol with the ones you need./subsystem=web/connector=ajp:add(socket-binding=ajp, protocol="AJP/1.3", enabled=true, scheme="http")