Just Enough Developed Infrastructure

Using Apache as a reverse proxy to access tomcat in virtual machines

This post describes how to use apache as a reverse proxy to access tomcat or other webservers/services within vmware machines that use network interfaces configured with NAT.

Option 1: Standard vmware NAT
Vmware has a standard way of exposing services running on vmware machines behind a nat configuration. It uses the file /etc/vmware/vmnet8/nat/nat.conf to define mapping between external ports and internal vmware hosts.
So say we have to virtual machines called vm1.virtual.net (192.168.0.100) and vm2.virtual.net (192.168.0.100) with both a tomcat listening on port 8080 and we want to make them available on the IP address 10.247.61.17 (eth0)
[incomingtcp]
8080 = 192.168.0.100
8081 = 192.168.0.101
There are two downside to this setup:

  • each developers has to remember the port on which his machine is mapped
  • if you change the file nat.conf you have to restart vmnet8 daemon, possibly causing an interruption of the network traffic.
Option 2: Using apache reverse proxy
Here comes Apache2 to the rescue! It is very simple to setup a reverse proxy in apache.
Step 0: install apache

#yum install httpd
Step1: Enable the correct modules in apache (httpd.conf)
LoadModule proxy_module
LoadModule proxy_http_module
Step 2:Enable a virtualhosts (listener.conf)
NameVirtualHost :80

Step 3: For each host create a virtualhost mapping (vhosts.d)
<VirtualHost
:80>
Servername vm1.virtual.net
ProxyPass/ http://192.168.0.100:8080
ProxyPassReverse / http://192.168.0.100:80
</VirtualHost>
This will correctly route all request coming on port 80 using the name vm1.virtual.net to the backend server with IP addres 192.168.0.100 on port 8080. And if the servers returns information it will do the same.
Conclusion:
Using a reverse proxy is much powerful then using vmware-NAT configuration. Be aware that in both setup, you have to make sure that when your application generates URL's for links, that they don't do this based upon their own port (8080) but do this relative. Still redirection of URLs can't be relative (according to the spec), this requires changes in Tomcat . See http://www.mbaworld.com/docs/proxy-howto.html

<Connector port="8081" ...
              proxyName="www.mycompany.com"
              proxyPort="80"/>