Hi.This is a general question, for my preliminary enlightenment and orientation. I'm hoping to get some pointers as to how to start designing a solution.
The case :We are a small web software development company. We are using internally several servers (Unix, Linux, Windows), each one of them containing a rather messy mixture of web applications under Apache + mod_jk + Tomcat, static documents in various hierarchies, and generally speaking what one could expect accumulates over some 15+ years of developing web applications for customers.
This is connected to the Internet via a good but rather rigid firewall.Each of these internal systems of course has a name, some of them have several (VirtualHosts), and various applications that we have developed, are developing, or support are spread over these systems and virtual hosts in an ad-hoc fashion that depends as much on the software versions and disk space available, as on unexpected past incidents having forced emergency relocations. You get the picture; I won't name the company of course, and our customers are very happy anyway. So there.
We have decided to re-organise this, and at the same time make this more accessible both from inside and from outside (to our external developers). At the moment for instance, accessing a given application (whether to edit it's files or to test it via the web), requires the external user to
a) know on which server the application residesb) create an SSH tunnel from his workstation to that server's port 80 through the firewall c) defining a local "alias" for the virtual or real server name he wants to access (e.g. in the local "hosts" file)
d) then accessing the web application via this aliasand that kind of stuff. Of course if he wants now to acces another server, the whole thing has to be repeated.
I would like to re-organise this as follows :- choosing and setting up one of the internal servers as a "front-end" for itself and all the others. - allow internals and externals to connect to the front-end system (if from outside, through an SSH tunnel) - have this front-end system "proxy" the requests to whichever internal system contains the stuff of interest, in function of either the alias hostname of the target system, or some URI scheme that uses a prefix to designate which server in the background contains the stuff
Now, given all the above, does anyone have any good tips as to what kind of general setup we would need for this ? Based on previous messages on this list, I have a tendency to think of mod_proxy and mod_rewrite, but in what general shape or form is what I hope to get from this explanation.
Thanks in advance, André --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|