[users@httpd] HTTPS proxy with mod_rewrite to do a cheap ip-based load balancing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I am trying to implement in Apache a cheap load
balancer that is only based upon the ip address of the
client. 

I have two application servers. My Apache server is
acting as a HTTPS proxy, doing all the SSL for these
two application servers. Ip addresses ending with 0,
1, 2, 3 or 4 should go to the first application
server, Ip addresses ending with 5, 6, 7, 8 or 9
should go to the second application server.

I thought I could use ProxyPass and RewriteRule to
achieve this. It works most of the time except that
Apache sometimes performs a redirect instead of a
forward.

This causes problems with my application servers, they
cannot handle the extra "balancer1" or "balancer2" in
the URLs that they receive when a redirect occured.

Here are the configuration items I added in my conf
file.

SSLProxyEngine on
RewriteEngine on

RewriteCond %{REQUEST_URI}% !^/balancer1(.*)
RewriteCond %{REQUEST_URI}% !^/balancer2(.*)
RewriteCond %{REMOTE_ADDR} ^.*[0-4]$
RewriteRule (.*) /balancer1$1 [P]
ProxyPass /balancer1/app1 http://appserver1:8080/app1
ProxyPassReverse /balancer1/app1
http://appserver1:8080/app1
ProxyPass /balancer1/app2 http://appserver1:8080/app2
ProxyPassReverse /balancer1/app2
http://appserver1:8080/app2

RewriteCond %{REQUEST_URI}% !^/balancer1(.*)
RewriteCond %{REQUEST_URI}% !^/balancer2(.*)
RewriteCond %{REMOTE_ADDR} ^.*[5-9]$
RewriteRule (.*) /balancer2$1 [P]
ProxyPass /balancer2/app1 http://appserver2:8080/app1
ProxyPassReverse /balancer2/app1
http://appserver2:8080/app1
ProxyPass /balancer2/app2 http://appserver2:8080/app2
ProxyPassReverse /balancer2/app2
http://appserver2:8080/app2

I appreciate your help.

Note1: I know that a DNS round robin is the right way
to do this, but the application servers can't be
swapped once a session has started.

Note2: I know that a load balancer such as pen could
help me, but pen support of SSL is not so great. When
placed between Apache and the application servers, pen
uses the IP address of the proxy server instead of the
address of the client.

-Thierry




	
		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux