I need to run several docker containers running apache.
To centralize the log files in single location, I want to use the hostname of the docker container where apache is running (not the virtual server name) as a part of the log file name, i.e. I need something like /var/log/apache2/${APP_NAME}.access.${HOSTNAME}.log
I prepared a virtual host config like this:
<VirtualHost *:80>
...
...
...
ErrorLog /var/log/apache2/${APP_NAME}.error.log
LogLevel warn
LogFormat "%V - %{CLIENTIP}e %l %u [%{%d/%b/%Y %T}t.%{msec_frac}t %{%z}t] \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-agent}i\"" extended
CustomLog /var/log/apache2/${APP_NAME}.access.${HOSTNAME}.log extended
</VirtualHost>
where $HOSTNAME and $APP_NAME are environment variables passed by the shell where apache is running.
This configuration seam to work, in the sense that when apache is running in docker container named ad331fa1 it creates a file named like /var/log/apache2/myappname.access.ad331fa1.log
But.... the timetaken to handle the request increased by 4-5 seconds per request!!
This happens only for requests that are handled by the php engine, while no delay is added when serving static files (.img, .css, etc...)
The problem disappears when using a config like this:
<VirtualHost *:80>
...
...
...
ErrorLog /var/log/apache2/${APP_NAME}.error.${HOSTNAME}.log
LogLevel warn
LogFormat "%V - %{CLIENTIP}e %l %u [%{%d/%b/%Y %T}t.%{msec_frac}t %{%z}t] \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-agent}i\"" extended
CustomLog /var/log/apache2/${APP_NAME}.access.log extended
</VirtualHost
i.e. removing the $HOSTNAME solve the issue.
Note that both $APP_NAME and $HOSTNAME are environment variables, but the issue happens only when $HOSTNAME is used in the log file name.
Any suggestion?
Related
I am setting up a LAMP app in a docker container hosted in ubuntu. I am a docker noob
I generated the CSR on the server that is hosting the docker container that has the public IP and domain i am using.
In my Docker file I have
COPY ./dev.key /etc/apache2/ssl/dev.key
COPY ./dev.combined /etc/apache2/ssl/dev.combined
Then in the apache.conf i have
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/dev.combined
SSLCertificateKeyFile /etc/apache2/ssl/dev.key
ServerAdmin admin#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
The problem is when i try to start apache I get the error:
AH02565: Certificate and private key 127.0.0.1:443:0
from /etc/apache2/ssl/dev.combined and /etc/apache2/ssl/dev.key do not
match AH00016: Configuration Failed
There is something i am not understanding in configuring this docker image.
The Domain has a real public IP , so the CSR and Cert need to point to this IP.
Am I setting up something incorrectly in Docker so it thinks it is running 127.0.0.1 and not the IP i need?
Thanks for any help. I am in way over my head.
I found the solution.
I was close. I had to make a couple of changes
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/dev.crt
SSLCertificateKeyFile /etc/apache2/ssl/dev.key
SSLCertificateChainFile /etc/apache2/ssl/dev.ca-bundle
But the thing that fixed the 'Certificate and private' error..
I had to add my domain in my /etc/host on the server that hosted the docker
127.0.0.1 mydomain.dev localhost
I have a Docker container running Apache that is currently listening to the port 80.
I am trying to run another website on the same server, using Apache natively this time, also listening to the port 80.
The problem is that I cannot have both applications listening to the same port (Docker and Apache).
Can I set up the server’s native Apache installation to redirect internally certain requests based on the domain name to my Docker container? For instance, Apache would listen to the port 80 and requests to mycontainer.com would be internally transferred to the port 9999 to which Docker would listen.
Yes, you can do that. The first time I wanted to test, this is the way I did and worked with no issue.
We have an Apache container running to port 80, and let us call another domain like mycontainer.com that we want to be accessible on port 80 too but we cannot.
No matter how do you run these containers, I mean by docker run or docker-compose, but the point is they should be in the same network.
Create a network called my_network:
docker network create my_network
I call the first Apache as main and the latter as the_name one.
So now let us run both in the same network:
docker run --name main --network my_network httpd
docker run --name the_name --network my_network another_image
Now you can exec into the the_name container and create a domain.conf file in Apache conf path with below contents:
<VirtualHost *:80>
ServerName mycontainer.com
ProxyPreserveHost On
ProxyPass "/" "http://the_name:9999/"
ProxyPassReverse "/" "http://the_name:9999/"
ProxyRequests Off
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
I Guess it is possible with Apache named virtual host and Proxy Pass.
You can try something like below. Just make sure you enabled apache mod_proxy.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName app-running-in-docker-container.com
ErrorLog "var/log/container_error_log"
CustomLog "var/log/container_access_log" common
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:999
ProxyPassReverse / http://127.0.0.1:999
</VirtualHost>
<VirtualHost *:80>
ServerName app-running-natively.com
DocumentRoot /path/to/project/doc/root
ErrorLog "var/log/nativelyapp_error_log"
CustomLog "var/log/nativelyapp_access_log" common
</VirtualHost>
I am using spree-multi-domain
store1.localhost:3000 is working fine locally
but when I moved my code on the live server I am unable to make it working.
When I hit URL store1.mydomain.com it is giving me an error.
ERROR:
This site can’t be reached
abc.mydomain.com’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN
Also I have tried adding this
config.action_dispatch.tld_length = 2
in config/enviroments/production.rb
I am on apache server . Do I need to do anything on server side as well to make it working ?
Apache Config:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
ServerName mydomain.com
ServerAlias mydomain.com rails
# ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
#DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
in /etc/apache2/sites-available/000-default.conf
Server name missing from your apache config for subdomain:
<VirtualHost *:80>
ServerName store1.mydomain.com
# Tell your app's 'public' directory path
DocumentRoot /var/www/store1.mydomain.com/public
</VirtualHost>
For dynamic or n subdomains:
<VirtualHost *:80>
ServerName mydomain.com
ServerAlias *.mydomain.com
# Tell your app's 'public' directory path
DocumentRoot /var/www/mydomain.com/public
</VirtualHost>
I'm using Fedora 14 and httpd timeout a lot.
Is there a log or something that tell me how many connnections to httpd and mysqld every second/minutes...etc
I'm very new to linux, please help me :)
You can view the Access Log in httpd to see requests:
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
May be different for your version:
Access Log
Or if the established session is timing out too early, set KeepAlive and KeepAliveTimeout:
KeepAlive
KeepAliveTimeout
I'm trying to configure SSL on EC2onrails with no luck. At present I am unable to even telnet into my server at port 443, it simply says trying MY.IP.ADDRESS... and stays there indefinitely. Telnet into 80 works fine.
This was my starting point. I followed the instructions exactly, and because I have a go daddy cert I created this custom default-ssl file so I could add the SSLCertificateChainFile directive:
NameVirtualHost *:443
<VirtualHost *:443>
Include /etc/apache2/sites-available/app.custom
Include /etc/apache2/sites-available/app.common
ErrorLog /mnt/log/apache2/error.log
LogLevel warn
CustomLog /mnt/log/apache2/access.log combined
# see http://httpd.apache.org/docs/2.2/ssl/ssl_intro.html and http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
SSLEngine On
SSLCertificateFile /etc/ec2onrails/ssl/cert/ec2onrails-default.crt
SSLCertificateKeyFile /etc/ec2onrails/ssl/private/ec2onrails-default.key
SSLCertificateChainFile /etc/ec2onrails/ssl/cert/ec2onrails-chain.crt
RequestHeader set X_FORWARDED_PROTO 'https'
ServerName MY_SERVER_NAME
</VirtualHost>
Note that I had to add
ServerName MY_SERVER_NAME
Or else I saw the following warning at apache startup in the error.log file:
[Wed May 27 19:46:20 2009] [warn] RSA server certificate CommonName (CN) ` MY_SERVER_NAME' does NOT match server name!?
I have run cap ec2onrails:server:enable_ssl, apache boots up cleanly, regular access over port 80 works, and apache access logs indicate no request activity to port 443. I know apache is loading my default-ssl config files because if I type gobbledygook in them it complains at startup.
Has anyone else successfully gotten SSL working with EC2onRails? What else can I do to debug this issue? Right now I am using ec2onRails version 0.9.9.1 which is based on a version of Ubuntu.
OK I figured it out. Amazon's EC2 has it's own firewall as part of its "security group" concept. This firewall was blocking port 443.