[Freeipa-users] FreeIPA behind Apache Reverse Proxy and Load Balancer
deepak dimri
deepak.dimri2016 at gmail.com
Sat Nov 26 17:48:59 UTC 2016
Hi All,
I want to configure Apache reverse proxy to load balance/failover between
two IPA servers. I have referred
*https://www.adelton.com/freeipa/freeipa-behind-proxy-with-different-name
<https://www.adelton.com/freeipa/freeipa-behind-proxy-with-different-name>* to
configure reverse proxy and it all works fine with one IPA server but i
want to load balance across two IPA Servers using Proxy Balancer module.
What should be the configuration for RequestHeader edit Referer with Proxy
balancer? In another thread*
https://www.mail-archive.com/freeipa-users@redhat.com/msg24644.html
<https://www.mail-archive.com/freeipa-users@redhat.com/msg24644.html> *Peter
has mentioned cookie rewriting or 2 VHs and i will try VH option. But it
will really help and will save my time if some one can share full working
configuration. I tried below configuration but its failing at RequestHeader
edit Referer.
<VirtualHost *:443>
<Proxy balancer://ipacluster>
# IPA Server 1
BalancerMember https://ipa1.int.com/
# IPA Server 2
BalancerMember https://ipa2.int.com/
</Proxy>
SSLEngine On
SSLProxyEngine On
LogLevel debug
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
ProxyRequests off
ProxyPass / balancer://ipacluster/
ProxyPassReverse / balancer://ipacluster/
ProxyPassReverseCookieDomain ipa1.int.com ipa.ext.com
RequestHeader edit Referer ^https://ipa\.ext\.com/
https://ipa1.int.com/
ProxyPassReverseCookieDomain ipa2.int.com ipa.ext.com
RequestHeader edit Referer ^https://ipa\.ext\.com/
https://ipa2.int.com/
</VirtualHost>
Many Thanks,
Deepak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161126/2b32fdaa/attachment.htm>
More information about the Freeipa-users
mailing list