Glassfish and Apache configuration with two NIC cards - linux

I have an Ubuntu 16.04 server with two NIC cards. Both of them are configured with static IPs and set to different hosts.
At this time, I'm running Apache and Glassfish through the same interface (only one of the cards): Apache listens on port 80 and Glassfish on 8080 (classic configuration).
Now I want to enable the second NIC in order to allow Glassfish to listen on port 80. This way I'll have Apache listening on port 80 of the first NIC and Glassfish on port 80 of the other card, with a different domain. However, I can't accomplish that.
So far I've tried the following configurations, but none of them works:
- Creating a new http-listener with port 80 and with the address equal to the second NIC's IP address.
- Creating a virtual server, setting the host to the second NIC's IP address, and then the http-listener with port 80.
- Creating a new domain with --keytooloption CN=my.domain.name and, with that domain, doing the two things above (while creating this domain, --instanceport 80 is not permitted; a message said that port 80 is in use, but from my point of view, port 80 is in use but by a different interface...?).
- Some different domain.xml adjustments like ports, hosts, etc.
I've been reading the Glassfish documentation for the last two or three days and haven't found the answer yet.
Both NIC cards are on the same net, for example:
111.222.333.1 and the other 111.222.333.2
I didn't try with different subnets, maybe changing the second NIC IP to 111.222.444.2; however, I don't have the necessary privileges to make those changes, and before asking the IT people at the company and changing other configurations, I'd like to know whether any of you has ever been in a similar scenario. Does anyone have any idea? Suggestions?

After several attempts I got the right configuration.
Step 1
As the server has both Apache and Glassfish, and by default the Apache configuration listens on port 80 for all IPs, that is the first thing to change:
--/etc/apache2/ports.conf
Change the line "Listen 80" to "Listen ###.###.###.###:80", where ###... is the desired IP address for Apache.
Then restart apache
/etc/init.d/apache2 restart
Step 2
Create http-listener for Glassfish on the port 80 for the second IP:
sudo ./asadmin create-http-listener --listeneraddress ###.###.###.### --listenerport 80 --acceptorthreads 16 --securityenabled=false --default-virtual-server server myListenerName
Step 3
If you already have Glassfish installed (as in my case), it was already listening on the previous IP (the Apache one) but on port 8080. In order to listen on the new IP, a new virtual server needs to be created:
./asadmin create-virtual-server --hosts my.domain.name --networklisteners myListenerName myservername
Step 4
When the http-listener "myListenerName" was created, it needed to be linked to a server, and the only one available at that time was the default one: "server". So manually update domain.xml to delete myListenerName from the network-listeners of "server" and add it to the virtual-server "myservername". At the end it looks like the following:
<virtual-server network-listeners="http-listener-1,http-listener-2" id="server"></virtual-server>
<virtual-server network-listeners="myListenerName" hosts="my.domain.name" id="myservername"></virtual-server>
Step 5
Restart Glassfish
./asadmin stop-domain domain1
./asadmin start-domain domain1
Step 6
Deploy any application to the new server
./asadmin deploy --virtualservers myservername /path/to/my.war
Step 7
Relax
I hope this info helps somebody!
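A check that fits between Step 1 and Step 2, added here as an example and not part of the original answer: it reads `ss -ltn` output and lists the listeners that still claim the port a new IP-specific listener needs, which is how a wildcard `Listen 80` makes port 80 "in use" on the second NIC as well. The function name `bind_conflicts` and the 192.0.2.x addresses are assumptions, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original answer). Lists existing TCP listeners
# that would make a bind to IP:PORT fail with "address already in use".
# Input on stdin: lines in the format printed by `ss -ltn`.

bind_conflicts() {
    # $1 = IPv4 address the new listener should use, $2 = port
    awk -v want_ip="$1" -v want_port="$2" '
        $1 == "LISTEN" {
            local_ep = $4                  # e.g. 0.0.0.0:80, *:80, [::]:80
            n = split(local_ep, part, ":")
            port = part[n]                 # text after the last colon
            addr = substr(local_ep, 1, length(local_ep) - length(port) - 1)
            if (port != want_port) next
            # Wildcard binds claim the port on every address. IPv6 wildcards
            # are flagged too (assumption: dual-stack, IPV6_V6ONLY not set).
            if (addr == "*" || addr == "0.0.0.0" || addr == "[::]" || addr == "::")
                print "wildcard " local_ep
            else if (addr == want_ip)
                print "same-address " local_ep
        }'
}

# Constructed sample: Apache still on "Listen 80" (wildcard), Glassfish on 8080.
SAMPLE_BEFORE='LISTEN 0 128 *:80 *:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 *:8080 *:*'

# Constructed sample: after Step 1, Apache pinned to 192.0.2.10.
SAMPLE_AFTER='LISTEN 0 128 192.0.2.10:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 *:8080 *:*'

# Empty output means the second address (192.0.2.20 here) is free on port 80.
echo "before: $(printf '%s\n' "$SAMPLE_BEFORE" | bind_conflicts 192.0.2.20 80)"
echo "after:  $(printf '%s\n' "$SAMPLE_AFTER" | bind_conflicts 192.0.2.20 80)"
```

On the real server the input would be `ss -ltn | bind_conflicts <second NIC IP> 80`; the same check afterwards confirms that neither service is still bound to every interface.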

If I may, I wrote a blog post on this at:
https://rsoftwareblog.wordpress.com/2014/11/12/glassfish-server-multi-nic-conundrum/
Hope this helps

Related

My Ubuntu EC2 is timing out in the browser even with the correct security group settings

I have tried everything; this is my last hope before I give up on ever working with AWS again. My security group settings allow port 3000, which is already being forwarded to port 80. I have rebooted, done a stop/start, created a new AWS account, and allowed traffic on port 80. Does anyone know what else this could be?
My local OS is Ubuntu 20.04.
To make port 80 accessible to a computer on the Internet (assuming that it is working on localhost):
The Amazon EC2 instance should be in a public subnet (if you can SSH to it, then this is true)
A public IP address should be assigned to the instance (again, if you can SSH to it, then this is true)
A Security Group associated with the instance should permit inbound access on port 80 from 0.0.0.0/0 (meaning the whole Internet)
There is no need for the Inbound Rule that references port 3000 since you are wanting incoming traffic on port 80 only (I presume).
If your app is still timing-out with the above configuration, then you'll need to debug what it is attempting to do. You could, for example, temporarily open the Security Group for all ports just to confirm that it is not the cause of the problem.

Nodejs and Wordpress both port 80 virtualhost configuration on Mac

I am currently running my node.js web app on port 80 on my Mac with the domain www.aaa.com.
But now I want to add WordPress (Apache) on port 80 on this Mac too, with the domain www.bbb.com.
How do I configure the virtual host? I have searched a lot on the internet, but no luck. Can anyone tell me how? Thanks!
If you can have multiple public IP addresses, you just need to:
map each of the domains to a different IP address
have node.js and Apache listen on one of the IP addresses each
If not (you only have a single IP address), you'll need to have one of the two servers take port 80 and forward/proxy the data to the other (listening on a separate port) for its requests. Or, alternatively, use a reverse proxy (such as pound) to do this job (you then have the reverse proxy on port 80, and both node.js and Apache on other ports).

Can't access MEANJS application in local VirtualBox from outside

I set up a VirtualBox VM on my local Windows 7 OS; the guest OS is CentOS.
I am using NAT, and I added the port forwarding rules in the Network settings.
After I started the application, I tried localhost:3000 in CentOS, and I could access the webpage.
However, when I tried localhost:38888, 127.0.0.1:38888 or 0.0.0.0:38888 on my Windows 7 host, I couldn't access the application.
I tried starting nginx in the guest OS and added a rule for forwarding the host's port to the guest's port, and I could access it.
Does anyone know why?
I can't post a screenshot of the port forwarding rule, so I will explain it here:
I added a rule named "rule" which uses the TCP protocol and forwards from the host's port 38888 to the guest's port 3000.
In the end, I changed the MEAN.JS application's startup port to 80 (obviously this is not a good practice), and it works.
My guess is that the VM's guest OS blocks requests to other ports. I will do some deeper investigation.

How to temporarily resolve a name to a localhost port?

I develop websites with Rails, and I was looking for a simple way to set up dynamic name resolution for my app. The final product I need is: every time I start a Rails application (by typing rails server in my application folder), I want to run it on a random port, and if I type the application name in my browser (like myapp.dev or something) it resolves to localhost on the correct port.
The part about getting the app name and generating a random port is not the problem. The problem is how to resolve a name to a local port. Is there any simple tool on Linux that allows me to do this?
Right now, the best I can think of is to start a daemon that keeps track of when a Rails app is started, notes the port, and adds an entry for itself in /etc/host with the app name. Then, whenever it receives a request, it forwards it to the correct app based on the name.
I can't believe this is the best way, so ideas are highly appreciated.
I'm not sure if I understand your problem correctly, but DNS is not about ports. By using DNS you can resolve a name to an IP, not a port, or an IP to a name (RevDNS). What you could do in your case is, during startup of the application on a random port, forward another port which will always be the same.
For instance:
By iptables forward port 80 to random port of your application. Then you will always get to application by port 80.
Edit: I couldn't paste it in the comment because it's too long, so I'll give you the answer here:
You can create a lot of iptables rules, and the first application will be on port 80, the next on 81, and so on. In the browser you then have to type: apps.test.com (first app), apps.test.com:81 (second app)...
Another solution: if you want to have different domains (without typing a port after the colon), you can use a proxy server and use VirtualHost to redirect to particular apps. In the proxy configuration you can define that app1.test.com goes to port e.g. 8888 and app2.test.com goes to port 8889, and then during startup of your app you can create an iptables rule or an ssh tunnel to redirect all traffic from port 8888 to the random port of your Ruby application. To avoid making it more complicated, it would be nice if the ports which you configure in the proxy are not used by your Ruby application.
Also, you can check the iptables "string match" option: match the Host field of the HTTP request and then, analogously, during startup of the apps create an iptables rule which will redirect everything which goes to port 80 with a specific Host field to your Ruby app's port.
The last option would be using an SRV DNS record, but it's rather useless in your situation. But anyway, you can play around with all of these options and choose the one which is the best for you.

Keepalive, routing issue, "no destination available"

I am setting up a failover server for our website using keepalive.
I have been following this tutorial that fits my needs exactly:
- http://blog.profitbricks.de/failover-und-loadbalancing-loesung-bei-profitbricks/
For a couple of days, everything worked well with keepalive and the virtual IP.
Suddenly, the VIP is unreachable on port 80 but still reachable on port 443.
Facts:
ip addr show => I do see the VIP on only one of the frontends.
From the frontend itself, if I query it using its public IP (the non-VIP one), it does work on ports 443 and 80.
From anywhere, if I use the virtual IP and https, I can reach our application and I do see it in the HTTP server logs.
In syslog I have weird messages like this one for every test I do that uses port 80 on the VIP:
==> /var/log/kern.log <==
Nov 18 15:00:07 localhost kernel: [14045.457450] IPVS: rr: TCP 'the virtual ip':80 - no destination available
Hopefully it is not in production yet, and if you can help me with that I would be really thankful :)
In case someone searches for the terms in this question:
Port 443 was reachable because the server that had the VIP was correct and there was no load balancing on port 443.
Port 80 was unreachable because I didn't set up iptables correctly on one of the two servers, and load balancing was supposed to be done using NAT (bypass_ipvs.sh).
Conclusion: if you need failover and no load balancing (which is uncommon), then the mentioned configuration is too much and not adapted.
