[mod_cluster-issues] [JBoss JIRA] (MODCLUSTER-701) Provide end-to-end HTTP/2 proxy connection

Tomas Briceno Fernandez (Jira) issues at jboss.org
Tue Sep 24 05:58:00 EDT 2019 

Tomas Briceno Fernandez created MODCLUSTER-701:
--------------------------------------------------

             Summary: Provide end-to-end HTTP/2 proxy connection
                 Key: MODCLUSTER-701
                 URL: https://issues.jboss.org/browse/MODCLUSTER-701
             Project: mod_cluster
          Issue Type: Bug
          Components: Native (httpd modules)
         Environment: Apache httpd 2.4
            Reporter: Tomas Briceno Fernandez
            Assignee: Radoslav Husar


It should be possible to set up end-to-end HTTP/2 connections. Currently this is not possible in mod_cluster as per JBCS-327.

It is possible to achieve end-to-end HTTP/2 proxy with mod_proxy_balancer with the following configuration for httpd and JWS Tomcat:
{code:title=httpd.conf|borderStyle=solid}
LoadModule mpm_event_module modules/mod_mpm_event.so

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so

LoadModule ssl_module modules/mod_ssl.so
LoadModule http2_module modules/mod_http2.so
LoadModule proxy_http2_module modules/mod_proxy_http2.so
LoadModule proxy_http_module modules/mod_proxy_http.so


<VirtualHost _default_:9443>
    Protocols h2 h2c
    ProtocolsHonorOrder on

    ProxyPass "/" "balancer://mycluster" stickysession=JSESSIONID|jsessionid scolonpathdelim=On
    ProxyPassReverse "/" "https://localhost:9443"
    <Proxy "balancer://mycluster">
       BalancerMember "h2://127.0.0.1:8081" route=node1
       BalancerMember "h2://127.0.0.1:8082" route=node2
    </Proxy>

    ServerName localhost:9443
    ServerAdmin you at example.com
    
    SSLEngine on
    SSLProxyEngine on
    SSLProxyCheckPeerName Off
    SSLVerifyClient none
    SSLProxyVerify none

    SSLCertificateFile "/etc/pki/tls/certs/localhost.crt"
    SSLCertificateKeyFile "/etc/pki/tls/private/localhost.key"

</VirtualHost>
{code}

{code:title=server.xml|borderStyle=solid}
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8007" shutdown="SHUTDOWN" address="localhost" >
  ...
  <Service name="Catalina">
    <Connector
      port="8081"
      protocol="org.apache.coyote.http11.Http11NioProtocol"
      maxThreads="150"
      SSLEnabled="true"
      connectionTimeout="20000"
      sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
      keystoreFile="localhost.jks"
      keystorePass="changeit"
      address="localhost"
      >
          <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    </Connector>
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="node1">
     ...
    </Engine>
  </Service>
</Server>
{code}




--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the mod_cluster-issues mailing list