hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Crawford <samcrawf...@gmail.com>
Subject Re: How to proxy multiple web servers?
Date Fri, 10 Apr 2009 11:43:44 GMT
Morning,

Option 1 is most definitely still an option for you. You'd create a wildcard
dns A record, maybe something like:

*.devices.company.com  =>  10.0.0.1

So any sub-domain of devices.company.com will resolve to that one IP address
- which would be your reverse proxy. Then in your reverse proxy you have
some functionality to dynamically support loading of new hostnames. So the
logic will be all held on the reverse proxy - the DNS just points everything
at your server.

You definitely do not need to make DNS changes or local hosts file changes
for each new device you want to support :-)

Hope this helps,

Sam


2009/4/9 Brijesh Deo <bdeo@sonicwall.com>

> Hi Sam,
>
> Thanks a lot for the complete details on each option. I had Option 3 in
> mind and learnt about option 1 after interacting with a few people.
> Option 2 is a new suggestion from you.
> In my case, I have to add the backend servers to proxy in my reverse
> proxy in a dynamic manner. So, going by option 1 might not be feasible,
> as deployment sites might not allow making changes to their DNS servers.
> Is there anyway option 1 could be carried out without taking help from
> DNS servers or local hosts files? I think not. Please let me know what
> you feel.
>
> Since all my backend servers are small network appliances with firmwares
> running web servers, so I don't think I would be able to get them
> running under custom context-roots of my choice.
>
> Option 3 is suitable for me, as I would have control over access to a
> particular backend server through the proxy from any browser client. In
> fact I would present a page with links to all the backend servers where
> the user has to click to bring up the web-gui from any backend server
> through the proxy. So whenever a user would select a new backend server
> link on this page, I can reset the session cookie value with its
> corresponding id thereby allowing browsing multiple backend servers in
> the same browser session.
>
> But still as you said, the best option is the option 1 though I wish I
> could get it working without depending on DNS servers or local hosts
> files. But I don't think it would be possible that way.
>
> Thanks,
> Brijesh
>
>
> -----Original Message-----
> From: Sam Crawford [mailto:samcrawford@gmail.com]
> Sent: Thursday, April 09, 2009 1:48 AM
> To: HttpClient User Discussion
> Subject: Re: How to proxy multiple web servers?
>
> Hi Brijesh,
>
> Just so I'm clear, your challenge is working out which backend host to
> send
> the requests to based upon the incoming client request?
>
> The way I see it you've got a few options:
>
> 1. Use name based virtual hosting.So you'd have loads of sub-domains
> like
> device001.company.com, device002.company.com, that all point to your
> reverse
> proxy server (how you do it in DNS is up to you - maybe a wildcard A
> record,
> or specific CNAMES, who knows). Then when your web browser visits
> device006.company.com it'll send a "Host: device006.company.com" HTTP
> header
> to your reverse proxy, and you can use this to decide which backend to
> send
> it to (Granted this will only work for HTTP/1.1 clients, so if you need
> to
> support HTTP/1.0 - and I can't see why - then you might have to use
> something else).
>
> 2. If you can't or do not want to use name based virtual hosting then
> how
> much configuration can you do on the backend devices? Can you run their
> webservers all under a different context-root? e.g. device001 would run
> under http://10.0.0.1/device001/ and device002 would run under
> http://10.0.0.2/device002/ etc. If you could modify the context-roots of
> your backend servers then you could use the first part of the URI in the
> incoming request to determine the backend.
>
> 3. Failing the above, you could use some kind of query string check
> along
> with cookie setting. I'd be very very wary of doing this personally, as
> it
> essentially limits you to working on one backend host per browser
> session.
> But anyway, the process would be something like:
> (a) Client requests /index.html?id=device001 from reverse proxy host
> (b) Reverse proxy looks up device001 in table, finds that it's valid
> (c) Reverse proxy notes that you haven't passed in a session cookie and
> builds you a new session with "id=device001" as a attribute/value pair
> (d) Reverse proxy sends your request to the backend (device001)
> (e) Reverse proxy returns the response to you, along with the
> "Set-Cookie"
> header so that your browser gets a cookie
> (f) Client requests /device_stats.html, but this time passes in the
> session
> cookie. Reverse proxy looks this up in memory and proceeds from step (d)
>
> I'd stick with #1 or #2 personally.
>
> Hope this helps,
>
> Sam
>
>
>
>
> 2009/4/8 Brijesh Deo <bdeo@sonicwall.com>
>
> > Hi,
> >
> >
> >
> > I am implementing a Reverse proxy application modeled on the sample
> code
> > 'ElementalReverseProxy'
> >
> (http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/httpcore/
> >
> src/examples/org/apache/http/examples/ElementalReverseProxy.java<http://
> svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/httpcore/%0Asrc/e
> xamples/org/apache/http/examples/ElementalReverseProxy.java>)
> > with a
> > little modification.
> >
> >
> >
> > My Reverse Proxy application has an HttpService running on a port for
> > handling incoming HttpRequests. For, passing on these Requests to the
> > Target web servers (for outgoing connections), I am using HttpClient
> > 4.0. This is what I have done differently from the
> > ElementalReverseProxy.java. The HttpResponse thus obtained from the
> > Target webservers is passed into the Response to the initial Request
> > that was received by the HttpService. So, this works great as a
> reverse
> > proxy.
> >
> >
> >
> > My Reverse proxy application needs to proxy multiple web servers and
> > such web servers can be dynamically added or deleted from the proxy.
> The
> > above approach works great when I dedicate a HttpService on a specific
> > port to proxy a particular web server only. So, going by the above
> > approach, I would need to run multiple HttpServices on different ports
> > to proxy each web server. And that many ports have to be left open on
> > the system on which I deploy this application. So, this poses a
> security
> > risk and also can be a scalability issue when I need to proxy hundreds
> > of web servers. Actually, all my webservers are small network
> appliances
> > that run a web server with the management web GUI which I want to
> proxy
> > through a centralized system.
> >
> >
> >
> > The ideal solution I believe would be to run a single HttpService on a
> > port and then send the Requests to different target hosts using the
> > Httpclient, but the challenge is how to find out by seeing the
> > HttpRequest that to which target it needs to be sent. Is it good to
> set
> > a Cookie in the Response to the first request that comes in with an
> > identifier for a particular web server? I could have the first request
> > in the form :
> > http://my-reverseproxy-host:8888/index.html?id=some_identifier. In the
> > response to this request, I could add the Set-Cookie header with the
> > identifier value which should help me identify subsequent request for
> > that browser session.
> >
> >
> >
> > What are the other ways to keep track of the Requests and responses?
> Has
> > anyone come across this kind of situation?
> >
> >
> >
> > Please let me know.
> >
> >
> >
> > Thanks,
> >
> > Brijesh
> >
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message