BeerCamper BeerCamper - 2 months ago 41
Apache Configuration Question

Apache Zeppelin behind Apache reverse proxy

I'm running my Apache Zeppelin instance behind an Apache Webserver, where the webserver only serves as a reserve proxy.

If I'm browsing to the reverse-proxy site

https://my-domain.com/zeppelin/
I'm getting a website with assets and buttons and everything, but the websocket of Zeppelin won't connect. The Browser-Dev-Tools are saying
405 HTTP method GET is not supported by this URL
for the URL
https://my-domain.com/zeppelin/ws
.

If I'm going direct on the Zeppelin-Website (f.e.
http://priv.my-domain.com/zeppelin
) everything works fine. So it seems like it's not a bug in the Zeppelin-Code but a problem in the reverse-proxy-config.

My Apache reverse-proxy config looks like:

<VirtualHost *:443>
ServerName my-domain.com
# don't loose time with IP address lookups
HostnameLookups Off
ProxyRequests Off
ProxyPreserveHost Off
SSLEngine On
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
...
ssl cert stuff
...
<Location /zeppelin/ws>

ProxyPass ws://priv.my-domain.com:8080/zeppelin/ws
ProxyPassReverse ws://priv.my-domain.com:8080/zeppelin/ws

Order deny,allow
Deny from all

Allow from <my-ip>

</Location>

<Location /zeppelin/>

ProxyPass http://priv.my-domain.com:8080/zeppelin/
ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/

Order deny,allow
Deny from all

Allow from <my-ip>

</Location>
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>


It makes no difference if I remove the first ws-location from the config.
Have you any idea?

EDIT FOR SOLUTION: After the below answer I modified my conf-file and it's working now! Thank you really much!

My working conf:

<VirtualHost *:443>
ServerName my-domain.com
# don't loose time with IP address lookups
HostnameLookups Off
ProxyRequests Off
ProxyPreserveHost Off
SSLEngine On
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
...
ssl cert stuff
...
<Location /zeppelin/>

ProxyPass http://priv.my-domain.com:8080/zeppelin/
ProxyPassReverse http://priv.my-domain.com:8080/zeppelin/

Order deny,allow
Deny from all

Allow from <my-ip>

</Location>
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
RewriteRule ^/(.*) ws://priv.my-domain.com:8080/$1 [P]
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>

Answer

This is the conf I am using which has some specifies not necessarily applicable for your needs :
- service discovery in front of a mesos cluster
- one instance per user and routing the user based on the credentials

<VirtualHost *:3128>
    <Location "/"> 
      AuthUserFile  /.............../users
      AuthName "xxxxxxxxxxxxx" 
      AuthGroupFile /dev/null 
      AuthType Basic 
      Require valid-user
    </Location> 
    ServerName xxxxxxxxxxxxxxxxxxxxxxxxxxx
    # SSLEngine on
    # SSLCertificateFile "/.............../xxxxx.crt"
    # SSLCertificateKeyFile "/.............../xxxxx.key"

  #RewriteRules for datalab with user
  RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
  RewriteCond %{LA-U:REMOTE_USER} (aaaa)
  RewriteRule ^/(.*) ws://azerty01:31321/$1 [P]
  RewriteCond %{LA-U:REMOTE_USER} (aaaa)
  RewriteRule ^/(.*) http://azerty01:31321/$1 [P,QSA,L]
  ProxyPassReverse / http://azerty01:31321

  #RewriteRules for datalab with user
  RewriteCond %{HTTP:Upgrade} =WebSocket [NC,NV]
  RewriteCond %{LA-U:REMOTE_USER} (bbbb)
  RewriteRule ^/(.*) ws://azerty02:31901/$1 [P]
  RewriteCond %{LA-U:REMOTE_USER} (bbbb)
  RewriteRule ^/(.*) http://azerty02:31901/$1 [P,QSA,L]
  ProxyPassReverse / http://azerty02:31901

</VirtualHost>
Comments