Configuring virtual machines as virtual hosts on Ubuntu Server
Hi Experts,
I am trying to do something which I *thought* was pretty easy. I have done this many times with Windows Server 2003 and it works perfectly, but now I trying to do the same thing on Ubuntu and it won't play nice!
The scenario is this:
I have a host server (Ubuntu Server 6.06 LTS); installed on the server is VMware Server. I have created a number of virtual machines - all VMs are Windows Server 2003. The VMs all have private IP addresses, and the Linux host has a public IP address. Each of the VMs has Apache running, listening on port 80. What I want to do is configure virtual hosts in Apache on the host so that HTTP requests are forwarded to the appropriate VM.
I have done this in the past, except that the host server has always been Windows Server 2003. Normally I would add the following to the httpd.conf file:
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.examp
# DocumentRoot /www/docs/dummy-host.examp
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.co
# CustomLog logs/dummy-host.example.co
#</VirtualHost>
# phobbs - VirtualHost for host server
<VirtualHost *:80>
DocumentRoot E:/web_services/web_root
</VirtualHost>
# phobbs - VirtualHost for host VM1
<VirtualHost *:80>
ServerName vm1.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.2.200/
ProxyPassReverse / http://10.28.2.200/
</VirtualHost>
# phobbs - VirtualHost for host VM2
<VirtualHost *:80>
ServerName vm2.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.2.201/
ProxyPassReverse / http://10.28.2.201/
</VirtualHost>
I manage the DNS records for <my-domain>, so I have created subdomains vm1 and vm2 which both point to the public IP address of the host. Under Windows Server, the above config works perfectly. Any requests of the form http://vm1.<my-domain> are redirected to the first VM which has a static IP of 10.28.2.200, and similarly, any requests of the form http://vm2.<my-domain> are redirected to the second VM which has a static IP of 10.28.2.201. Works perfectly.
Under Ubuntu it doesn't seem to be working though. It took me a little while to discover that the config is slightly different. httpd.conf is an empty file; mods are loaded by including *.load and *.conf in the /etc/apache2/mods-enabled directory. And virtual hosts are defined in /etc/apache2/sites-availab
So, first I added some modules to be loaded:
proxy.conf
proxy.load
proxy_http.load
vhost_alias.load
Next I edited /etc/apache2/sites-availab
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm1.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.101.11/
ProxyPassReverse / http://10.28.101.11/
</VirtualHost>
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm2.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.101.12/
ProxyPassReverse / http://10.28.101.12/
</VirtualHost>
Essentially the same config as for the Windows server, except that I am not specifying port 80 because the host also listens on port 443.
From the host I can telnet to the VMs on port 80, which suggests to me that I should be able to forward requests to the VMs.
However, here is what happens:
When I browse to http://vm1.<my-domain> from another PC, I get the following error in the browser:
~~~~~~~~~~~~~~~~~~
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
~~~~~~~~~~~~~~~~~~
The error message above suggests to me that the http server is trying to read the root directory on the host, which it presumably doesn't have permission to do.
In the Apache error log on the host, I see this:
~~~~~~~~~~~~~~~~~~
[Fri Dec 07 09:17:03 2007] [error] [client 123.200.252.74] client denied by server configuration: proxy:http://10.28.101.11/
[Fri Dec 07 09:17:03 2007] [error] [client 123.200.252.74] client denied by server configuration: proxy:http://10.28.101.11/error/
HTTP_FORBIDDEN.html.var
~~~~~~~~~~~~~~~~~~
I should mention that the networking type between the host and the VMs is host-only. I have configured the VMware vmnet2 interface to have an IP address of 10.28.101.1 and netmask of 255.255.255.0. Also, I am running a VPN server on the host (Linux) server. When I connect to the VPN with my Windows PC, I can successfully browse to http://10.28.101.11/ and I get the Apache welcome message.
Can anyone shed light on what might be happening here? I'm sure that it is just some config somewhere that I don't know about.
Cheers,
Paul Hobbs
I am trying to do something which I *thought* was pretty easy. I have done this many times with Windows Server 2003 and it works perfectly, but now I trying to do the same thing on Ubuntu and it won't play nice!
The scenario is this:
I have a host server (Ubuntu Server 6.06 LTS); installed on the server is VMware Server. I have created a number of virtual machines - all VMs are Windows Server 2003. The VMs all have private IP addresses, and the Linux host has a public IP address. Each of the VMs has Apache running, listening on port 80. What I want to do is configure virtual hosts in Apache on the host so that HTTP requests are forwarded to the appropriate VM.
I have done this in the past, except that the host server has always been Windows Server 2003. Normally I would add the following to the httpd.conf file:
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.examp
# DocumentRoot /www/docs/dummy-host.examp
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.co
# CustomLog logs/dummy-host.example.co
#</VirtualHost>
# phobbs - VirtualHost for host server
<VirtualHost *:80>
DocumentRoot E:/web_services/web_root
</VirtualHost>
# phobbs - VirtualHost for host VM1
<VirtualHost *:80>
ServerName vm1.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.2.200/
ProxyPassReverse / http://10.28.2.200/
</VirtualHost>
# phobbs - VirtualHost for host VM2
<VirtualHost *:80>
ServerName vm2.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.2.201/
ProxyPassReverse / http://10.28.2.201/
</VirtualHost>
I manage the DNS records for <my-domain>, so I have created subdomains vm1 and vm2 which both point to the public IP address of the host. Under Windows Server, the above config works perfectly. Any requests of the form http://vm1.<my-domain> are redirected to the first VM which has a static IP of 10.28.2.200, and similarly, any requests of the form http://vm2.<my-domain> are redirected to the second VM which has a static IP of 10.28.2.201. Works perfectly.
Under Ubuntu it doesn't seem to be working though. It took me a little while to discover that the config is slightly different. httpd.conf is an empty file; mods are loaded by including *.load and *.conf in the /etc/apache2/mods-enabled directory. And virtual hosts are defined in /etc/apache2/sites-availab
So, first I added some modules to be loaded:
proxy.conf
proxy.load
proxy_http.load
vhost_alias.load
Next I edited /etc/apache2/sites-availab
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm1.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.101.11/
ProxyPassReverse / http://10.28.101.11/
</VirtualHost>
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm2.<my-domain>
ProxyRequests off
ProxyPreserveHost Off
ProxyPass / http://10.28.101.12/
ProxyPassReverse / http://10.28.101.12/
</VirtualHost>
Essentially the same config as for the Windows server, except that I am not specifying port 80 because the host also listens on port 443.
From the host I can telnet to the VMs on port 80, which suggests to me that I should be able to forward requests to the VMs.
However, here is what happens:
When I browse to http://vm1.<my-domain> from another PC, I get the following error in the browser:
~~~~~~~~~~~~~~~~~~
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
~~~~~~~~~~~~~~~~~~
The error message above suggests to me that the http server is trying to read the root directory on the host, which it presumably doesn't have permission to do.
In the Apache error log on the host, I see this:
~~~~~~~~~~~~~~~~~~
[Fri Dec 07 09:17:03 2007] [error] [client 123.200.252.74] client denied by server configuration: proxy:http://10.28.101.11/
[Fri Dec 07 09:17:03 2007] [error] [client 123.200.252.74] client denied by server configuration: proxy:http://10.28.101.11/error/
HTTP_FORBIDDEN.html.var
~~~~~~~~~~~~~~~~~~
I should mention that the networking type between the host and the VMs is host-only. I have configured the VMware vmnet2 interface to have an IP address of 10.28.101.1 and netmask of 255.255.255.0. Also, I am running a VPN server on the host (Linux) server. When I connect to the VPN with my Windows PC, I can successfully browse to http://10.28.101.11/ and I get the Apache welcome message.
Can anyone shed light on what might be happening here? I'm sure that it is just some config somewhere that I don't know about.
Cheers,
Paul Hobbs
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
WizRd-Linux
whoops, instead of :80 make it :443
ASKER
Hi Again WixRd-Linux!!
I was wondering if you would be the first to jump in on this one. :)
This was much quicker to fix - I did as you suggested and added the Directory directive, and it all works like a charm. Here are the virtual host settings:
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm1.<my-domain>
ProxyPass / http://10.28.101.11/
ProxyPassReverse / http://10.28.101.11/
<Directory proxy:http://10.28.101.11/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
# phobbs - VirtualHost for host VM2
<VirtualHost *>
ServerName vm2.<my-domain>
ProxyPass / http://10.28.101.12/
ProxyPassReverse / http://10.28.101.12/
<Directory proxy:http://10.28.101.12/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
I have left out the :80 because Apache complains when I try to restart it:
[error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
Anyway - thx for the super quick response. Here's another 500 pts for you!
BTW - I am about to post another question about configuring Postfix. If you know much about this, feel free to dive in and grab some more points.
I was wondering if you would be the first to jump in on this one. :)
This was much quicker to fix - I did as you suggested and added the Directory directive, and it all works like a charm. Here are the virtual host settings:
# phobbs - VirtualHost for host VM1
<VirtualHost *>
ServerName vm1.<my-domain>
ProxyPass / http://10.28.101.11/
ProxyPassReverse / http://10.28.101.11/
<Directory proxy:http://10.28.101.11/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
# phobbs - VirtualHost for host VM2
<VirtualHost *>
ServerName vm2.<my-domain>
ProxyPass / http://10.28.101.12/
ProxyPassReverse / http://10.28.101.12/
<Directory proxy:http://10.28.101.12/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
I have left out the :80 because Apache complains when I try to restart it:
[error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
Anyway - thx for the super quick response. Here's another 500 pts for you!
BTW - I am about to post another question about configuring Postfix. If you know much about this, feel free to dive in and grab some more points.
ASKER
WizRd-Linux scores another home run!