Welcome to this hands-on lab for setting up an Apache web server as a proxy front end to Tomcat, a Java-based application platform built around deploying and managing Java Web Applications.
The provided server is running Red Hat Enterprise 8. Tomcat 9 is pre-installed and available for you on port **8080** at the server’s public IP address. You will be tasked with making Tomcat available on port **80** via the Apache httpd server.
Once you have completed the task you will need to test, to ensure you can connect via port **80** and access the Tomcat GUI.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Test to Ensure You Can Access the Preconfigured Tomcat Instance by Using the Server’s Public IP Address and Port 8080
It may take from 3 to 10 minutes after the hands-on lab has started before you can access the Tomcat server on port 8080.
To access the server, copy the external IP address (from the hands-on lab overview page) and test in your browser by using this IP address and appending :8080 to it.
For example, if the IP address shown was 3.92.152.3 then you would put the following URL into your web browser:
http://3.92.152.3:8080
You should be able to see the GUI.
- Install the Apache Web Server onto the Provided Lab Server
Log into the server’s console and install the Apache web server:
sudo dnf install httpd sudo systemctl enable httpd sudo systemctl start httpdGo to a browser and test that the Apache web server is working. You should see the default Apache web page.
- Configure the Apache Web Server, via Virtual Host Setup, as a Proxy to the Tomcat Instance
Create a virtual host entry inside an Apache configuration file. This file should be called
tomcat_manager.conf:sudo vim /etc/httpd/conf.d/tomcat_manager.confYou can use the following as an example of what needs to be inside this configuration file:
<VirtualHost *:80> ServerAdmin root@localhost ServerName myserversystem.mylabserver.com DefaultType text/html ProxyRequests on ProxyPreserveHost On ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ </VirtualHost>- Either Disable or Change SELinux so That the Proxy Will Work
SELinux is enabled on the hands-on lab server. You can choose to disable it or adjust it so it will allow the Apache web server to act as a proxy.
To disable SELinux you would do the following:
sudo setenforce permissiveThen edit the SELinux configuration file to make the server permissive:
sudo vim /etc/selinux/configOnce in the editor, change this line:
SELINUX=enforcingMake it
permissive, instead ofenforcing:SELINUX=permissiveThen save the file.
If you wish to keep SELinux enabled and allow it to permit the Apache web server to work as a proxy, you would run the following commands:
sudo setsebool -P httpd_can_network_connect 1 sudo setsebool -P httpd_can_network_relay 1 sudo setsebool -P httpd_graceful_shutdown 1 sudo setsebool -P nis_enabled 1- Restart the Apache Web Server and Look for Errors
Restart the Apache web server and check for errors:
systemctl restart httpdIf there are errors and Apache does not start, then troubleshoot those errors.
- Test You Can Access Tomcat via Port 80
You should be able to see the Tomcat GUI being served out on port 80.
If this does not work, or there is an error, troubleshoot the installation.
