Nginx – Setup a Reverse Proxy with Nginx and Apache on EC2

amazon ec2apache-2.2nginx

Good Day,

I am currently using the free Amazon EC2 micro instance to learn Linux and server setup.

I wish to setup Nginx as a reverse web proxy. I found a great article on mediatemple on how to do it: http://wiki.mediatemple.net/w/Using_Nginx_as_a_Reverse_Web_Proxy

The directions work for most any server except for EC2.One difference between EC2 and MediaTemple is how IPs work. Overall EC2 instances do not know their elastic IP. So when following the wiki directions in the virtual hosts for instance instead of myip:80 for instance I put *:80. When just using Apache this works perfectly.

In the apache virtual hosts I did "127.0.0.1:80" and in the Nginx I put *:80.

Apache restarts, by Nginx provides an error that it cannot bind because the ip is already in use. If I could add an actual IP in the Nginx file it would work but since EC2 requires me to put in the asterisk it ends up conflicting with the apache virtual hosts entry.

Anyone know a simple way around this (other than not using EC2) 😉 Thank you!

Cheers,
Christopher

Best Answer

Your problem has nothing to do with Elastic IPs. The issue is that both Nginx and Apache can't both be listening on Port 80. The simple solution is to change the port that Apache listens on, to 81 or 8080 as examples, while allowing Nginx to listen on port 80 (because when someone types in your URL, you want the request going to Nginx, not straight to Apache).

Basically, what you want to do is go through that tutorial, and whenever you see a reference to Apache and port 80, use a different port like 8080 or 81. Then you need to update your Nginx config to tell it to look for Apache on your new port.

Restart both services and you will be good to go.

Related Solutions

Linux – How to setup Apache Proxy for a small fleet of EC2 instances

what you asked is a very common situation where in applications may not be running on Gateway and they may be running on some server in LAN but to the world it appears it is coming from requested_url.com

I run 4 websites with Apaches mod proxy and at least 15 different services on these 4 different websites depend upon them.I do not have an experience of Amazon EC2 but Amazon EC2 uses Xen as its backend. Let us say the main machine which faces internet and has a public IP be called dom0 now read in the following terminology

Dom0  with IP      192.168.0.100 (This will be our Server facing internet)
DomU1 with IP      192.168.0.11
DomU2 with IP      192.168.0.12
DomU3 with IP      192.168.0.13
DomU4 with IP      192.168.0.14

I am assuming you have a local dns on Dom0 (or some where in your network ) which knows the DomU IPs with names.(If not life will be difficult) then in apache2.conf ( httpd.conf on Fedora type systems)

NameVirtualHost *
    <VirtualHost *>
      ServerName mainserver
            DocumentRoot /var/www
      ProxyRequests Off
           <Proxy *>
     Order deny,allow
           Allow from all
     </Proxy>
         ProxyPass /domu1  http://192.168.0.11/
         ProxyPass /domu2  http://192.168.0.12/
         ProxyPass /domu3  http://192.168.0.13/
         ProxyPass /domu4  http://192.168.0.14/
         ProxyPassReverse /domu1  http://192.168.0.11/
         ProxyPassReverse /domu2  http://192.168.0.12/
         ProxyPassReverse /domu3  http://192.168.0.13/
         ProxyPassReverse /domu4  http://192.168.0.14/
    </VirtualHost>

This way is one way to achieve the things which you asked (how ever not very recommended) if you upgrade the server (i.e. Dom0) the update may over write apache2.conf or httpd.conf what ever be the case. So once you understand what the above entries mean (Check it for your requirements I have struggled a long time back with some thing similar you want hence I gave an easy solution but not recommended). Once you understand the above ProxyPass then create different Virtual Host configurations in sites-available directory if it is a Ubuntu/Debian system or in Red Hat based it will be still possible (you will have to search) I am showing you one so it helps you rest 4-5 you can make on your own
Call this /etc/apache2/sites-enabled/myinterna1.conf it looks as follows

<VirtualHost *:80 >

        ServerName myserver1.com
        ServerAdmin webmaster@localhost

        ProxyRequests off
        <Proxy *>
        Order deny,allow
        Allow from all
        </Proxy>
        ProxyPreserveHost On


        ProxyPass / http://192.168.1.3/
        ProxyPassReverse / http://192.168.1.3/

        ErrorLog /var/log/apache2/server1/server1_error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        CustomLog /var/log/apache2/server1/server1_access.log combined
        CustomLog /var/log/apache2/server1/server1-resp_log resp
        LogFormat "%a %{X-Forwarded-For}i  %h %D %t %f %p %>s  %U %v" resp

</VirtualHost>

The above virtualhost will be defined on Dom0 so that all requests are served from an internal server server1.com.The way it will work is some one on internet will type in their browser

 http://requested_url.com/domu1

Now this request reaches Dom0 and Apache Virtual Host on Dom0 checks the Proxy Configuration and finds that /domu1 is mapped to an internal server so it forwards that to the machine which actually has to serve.To the user on internet all this is hidden.

How ever one word of caution while doing so the Apache on Ubuntu system serves the virtual hosts in alphabetical name of vhost file (not server name I am referring to name of file like sorting.c the Apache virtual host file) (that is why there is a file 000-default) on Ubuntu systems so make sure that you have one host more than the number of websites you are to serve (which will serve as error page).This is a standard practise.

NginX as a Reverse Proxy Binding Issues

It is clear from the output you pasted that nginx is trying to bind on port 80 on all available IP addresses, not only on your public address.

You should carefully review all listen directives in the relevant nginx configuration files. You can do this by running grep -r 'listen ' /etc/nginx/*.

If you find output looking like listen 80; (with no IP address specified), you should replace it with listen xx.xx.xx.xx:80, where xx.xx.xx.xx is your public IP address.

Best Answer

Related Solutions

Linux – How to setup Apache Proxy for a small fleet of EC2 instances

NginX as a Reverse Proxy Binding Issues

Related Topic