OnPremise Deployment

Thomas · November 25, 2020, 3:24pm

I am deploying a test-server in AWS-Cloud with brxm 14.2.2, following the steps here:
https://documentation.bloomreach.com/14/library/deployment/configuring/prepare-the-environment.html

This is my environment:
Ubuntu 18.04
MySql 5.7 running on localhost
tomcat 9
Apache2 as proxy

I am struggling with the proxy configuration.

This is my configuration for apache2:

<VirtualHost *:443>
  ServerName cms-test.lienas.de

  # SSL Engine
  SSLEngine on

  SSLCertificateFile /etc/apache2/ssl/server.crt
  SSLCertificateKeyFile /etc/apache2/ssl/server.key

  SSLHonorCipherOrder On
  SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
  BrowserMatch "MSIE [6-9]" ssl-unclean-shutdown

  <Location />
    Order deny,allow
    Allow from all
  </Location>

  RequestHeader set X-Forwarded-Proto https

  ProxyPreserveHost Off

  #INCLUDE THE EXTRA PROXYPASS RULE FOR /site HERE
  ProxyPass /site/ http://127.0.0.1:8080/site/
  ProxyPass / http://127.0.0.1:8080/cms/
  ProxyPassReverse / http://127.0.0.1:8080/cms/
  ProxyPassReverseCookiePath /cms /
</VirtualHost>

<VirtualHost *:80>
  ServerName dev2.outsourcing.de
  # everything that does not match cms.example.com also goes to the site application
  ServerAlias *.outsourcing.de

  ProxyPreserveHost  On
  ProxyPass  / http://127.0.0.1:8080/site/
  ProxyPassReverse  / http://127.0.0.1:8080/site/
  ProxyPassReverseCookiePath  /site /
</VirtualHost>
<VirtualHost *:443>
  ServerName dev2.outsourcing.de
  ServerAlias *.outsourcing.de
  # SSL Engine
  SSLEngine on

  SSLCertificateFile /etc/apache2/ssl/server.crt
  SSLCertificateKeyFile /etc/apache2/ssl/server.key

  SSLHonorCipherOrder On
  SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
  BrowserMatch "MSIE [6-9]" ssl-unclean-shutdown

  <Location />
    Order deny,allow
    Allow from all
  </Location>

  RequestHeader set X-Forwarded-Proto https

  ProxyPreserveHost On

  ProxyPass / http://127.0.0.1:8080/site/
  ProxyPassReverse / http://127.0.0.1:8080/site/
  ProxyPassReverseCookiePath /site /
</VirtualHost>


<VirtualHost *:80>
  ServerName dev2.lienas.de
  # everything that does not match cms.example.com also goes to the site application
  ServerAlias *.lienas.de

  ProxyPreserveHost  On
  ProxyPass  / http://127.0.0.1:8080/site/
  ProxyPassReverse  / http://127.0.0.1:8080/site/
  ProxyPassReverseCookiePath  /site /
</VirtualHost>
<VirtualHost *:443>
  ServerName dev2.lienas.de
  ServerAlias *.lienas.de
  # SSL Engine
  SSLEngine on

  SSLCertificateFile /etc/apache2/ssl/server.crt
  SSLCertificateKeyFile /etc/apache2/ssl/server.key

  SSLHonorCipherOrder On
  SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
  BrowserMatch "MSIE [6-9]" ssl-unclean-shutdown

  <Location />
    Order deny,allow
    Allow from all
  </Location>

  RequestHeader set X-Forwarded-Proto https

  ProxyPreserveHost On

  ProxyPass / http://127.0.0.1:8080/site/
  ProxyPassReverse / http://127.0.0.1:8080/site/
  ProxyPassReverseCookiePath /site /
</VirtualHost>

And my Host-configuration in brxm for is:

/hst:hosts:
  jcr:primaryType: hst:virtualhosts
  jcr:uuid: 11963438-e4e1-4c9b-a219-20b35bd54127
  /dev-localhost:
    jcr:primaryType: hst:virtualhostgroup
    jcr:uuid: f72a5a75-9f17-4c57-bee0-7c9544ecdcf7
    hst:defaultport: 8080
    /localhost:
      jcr:primaryType: hst:virtualhost
      jcr:uuid: 430d4b23-d3c3-4d33-a122-95edcb6eac1f
      /hst:root:
        jcr:primaryType: hst:mount
        jcr:uuid: b4e45e2a-8b0a-4ffd-9da7-f30a029a88d3
        hst:homepage: root
        hst:locale: de_DE
        hst:mountpoint: /hst:osde_40/hst:sites/osde_40
        /lienas:
          jcr:primaryType: hst:mount
          jcr:uuid: b41b4547-3d13-445e-aab1-ae6f9a9bd955
          hst:homepage: lienas
          hst:locale: de_DE
          hst:mountpoint: /hst:osde_40/hst:sites/lienas
  /test:
    jcr:primaryType: hst:virtualhostgroup
    jcr:uuid: dd0bcf08-de34-4bf5-9c2a-4c776ba32dad
    /de:
      jcr:primaryType: hst:virtualhost
      jcr:uuid: 1515e220-184a-49f4-b411-0392cce21b56
      /outsourcing:
        jcr:primaryType: hst:virtualhost
        jcr:uuid: 461784f2-c68f-4c79-9b24-fcf3f902723e
        /dev2:
          jcr:primaryType: hst:virtualhost
          jcr:uuid: 7ecfc90d-4ded-4f80-b533-0ffe010529f5
          /hst:root:
            jcr:primaryType: hst:mount
            jcr:uuid: 471459b0-a523-46d4-8c82-7f2f2d577c2b
            hst:homepage: root
            hst:locale: de_DE
            hst:mountpoint: /hst:osde_40/hst:sites/osde_40
      /lienas:
        jcr:primaryType: hst:virtualhost
        jcr:uuid: 36e6a21b-0dc2-4f68-a755-ba94b33f1690
        /dev2:
          jcr:primaryType: hst:virtualhost
          jcr:uuid: f52501ed-274b-41b1-a586-19576eaaa994
          /hst:root:
            jcr:primaryType: hst:mount
            jcr:uuid: 0291498c-e895-4d1e-acee-ed6e01bd9826
            hst:homepage: lienas
            hst:locale: de_DE
            hst:mountpoint: /hst:osde_40/hst:sites/lienas

and for the platform:

/hst:hosts:
  jcr:primaryType: hst:virtualhosts
  jcr:uuid: cbf0b633-870e-446b-95f2-0977c5276a08
  /dev-localhost:
    jcr:primaryType: hst:virtualhostgroup
    jcr:uuid: 36b9b5c0-c8f9-444f-8956-3726b26aec66
    /localhost:
      jcr:primaryType: hst:virtualhost
      jcr:uuid: 5b88c6d7-2d55-4c65-8731-f66062c5cc79
      /hst:root:
        jcr:primaryType: hst:mount
        jcr:uuid: c85b704a-46db-44b0-92f1-6de015234c70
        hst:ismapped: false
        hst:namedpipeline: WebApplicationInvokingPipeline
  /test:
    jcr:primaryType: hst:virtualhostgroup
    jcr:uuid: 81f90340-93e6-43a8-ab30-89534c02d673
    /de:
      jcr:primaryType: hst:virtualhost
      jcr:uuid: 71fb1ea6-2c32-4611-bde2-b9c75d8d76dd
      /lienas:
        jcr:primaryType: hst:virtualhost
        jcr:uuid: 1f7a6aa5-f9c1-445e-92af-a87a1e869e84
        /cms-test:
          jcr:primaryType: hst:virtualhost
          jcr:uuid: 0d049711-9df4-4a0f-ba70-3b47bea898be
          /hst:root:
            jcr:primaryType: hst:mount
            jcr:uuid: 770de0fc-de2b-4ba4-8430-23207d70affc
            hst:ismapped: false
            hst:namedpipeline: WebApplicationInvokingPipeline

DNS entries are set.
What is working:

access proxy by ip and dns-name of aws
access cms by ip or dns-name(aws) , [ip]:8080/cms
access content inside cms

What is not working:

access any web-app by the configured url (cms-test.lienas.de / dev2.lienas.de/dev2.outsourcing.de) → Internal Server Error
no channels visible in cms → no preview of sites

Any hints are welcome!

Thomas · December 5, 2020, 1:42pm

Update: I managed to get the environment running.

There is only 1 remaining problem!

When I boot the server: cms ist started - but something goes wrong:
catalina.out is written in CATALINA Home in /usr/local/tomcat/logs and brxM is not started!
Seems that Catalina Base, with all the configuration, is not used, allthoug the init script is used!

I have to stop the service (e.g. with systemctl stop cms.service)- switch user to cms and start with /etc/init.d/cms start

I checked the configuration according to the documentation.
I am running on Ubuntu 18.04 with tomcat 9 !

Thomas

Topic		Replies	Views
Malformed CMS-authentication request when proxying on different CMS and HST domains Experience Manager (PaaS/OnPrem)	5	904	May 1, 2019
Reverse Proxy Issues on-premise deployment w/ v14.6.2 Experience Manager (PaaS/OnPrem)	2	369	October 12, 2021
Can we skip configuring the reverse proxy for version 14.2 Experience Manager (PaaS/OnPrem)	10	442	June 23, 2021
Combination nginx & docker not working Experience Manager (PaaS/OnPrem)	6	1707	May 8, 2020
iFrame Error in cms of test-environment Experience Manager (PaaS/OnPrem)	3	786	February 12, 2020

OnPremise Deployment

Related Topics