proxy-example.conf revision 2300
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
#
#
# The canonical (and most recent) version of this document resides in the image
# packaging project source tree. To view it online, visit
#
# This file contains example apache configuration snippets to show you how to
# configure apache as a reverse proxy with IPS package depot servers. The
# document is divided into 2 main sections.
#
# Section 1: Generic apache configuration settings we recommend.
# Section 2a: A simple prefixed proxy config (http://pkg.example.com/myrepo)
# Section 2b: A load balanced prefixed proxy config (http://pkg.example.com/myrepo)
#
# Sections 2a and 2b are two different configuration alternatives. Select
# one which most closely matches your site's requirements.
#
# A word on non-prefixed proxy configurations: It is straightforward to run
# a depot server at the "root" of a website hierarchy. However, in general,
# we *do not* recommend this model. Instead, use the examples shown below.
# We found that depot urls like http://pkg.example.com are initially convenient
# for users, but rapidly become very difficult to manage as soon as you want to
# have two different repositories.
#
#
# This configuration was most recently tested with Apache 2.2.11, and that
# is the minimum version we recommend.
#
# In this example, substitute for "internal.example.com:10000" the name and port
# number of your backend server.
#
#
# Section 1: Here is some common configuration we use for our production servers.
#
#
# HTTP clients can tell the server that they accept compressed
# data in an HTTP request. So, we enable apache's DEFLATE filter.
# This can dramatically reduce the over-the-wire size of metadata such
# as catalogs and manifests, which often compress 90%.
#
#
# Packages may contain URL encoded forward slashes. To make sure these are
# not interpreted as directory delimiters Apache can be instructed to just
# leave them as they are.
#
#
# Crank up MaxKeepAliveRequests so that clients can make a large number
# of pipelined requests without closing the connection. This is
# important for transport v1, so that we can do thousands of file
# transfers over the same connection. Apache's default is too low: just
# 100.
#
# http://httpd.apache.org/docs/2.2/mod/core.html#maxkeepaliverequests
#
MaxKeepAliveRequests 10000
#
# We set the proxy timeout to 30 seconds-- if CherryPy is taking longer
# than that to respond, something is wrong.
ProxyTimeout 30
#
# Make sure that forward proxying is disabled. See
# http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxyrequests
#
#
# Section 2a: Basic proxy configuration.
# Here is the basic configuration for a non-load-balanced depot server.
# In this example, we connect
#
# http://pkg.example.com/myrepo --> internal.example.com:10000
#
# Please note that the repository server (pkg.depotd) should also be configured
# With a pkg/proxy_base setting which names the URL at which it can be accessed.
# This can be done as follows:
#
# svccfg -s pkg/server:default "setprop pkg/proxy_base = astring: http://pkg.example.com/myrepo"
#
#
# We use disablereuse (which forces apache to reconnect to the backend all
# the time) to work around a bug in CherryPy 3.1 in which it can send
# inappropriate HTTP 408's. Track
# http://defect.opensolaris.org/bz/show_bug.cgi?id=8903 for status.
# When we move to the new "GET" based transport (track bug
# http://defect.opensolaris.org/bz/show_bug.cgi?id=8902 for status),
# it will be important to have reuse enabled, or performance will suffer.
#
# We use nocanon to supress canonicalization of urls-- this is important
# for properly working search (as of search v1).
#
#
# Section 2b: Load balanced configurations.
#
# It may also be desirable to run servers behind an apache load balancer. In
# this example, we connect:
#
# http://pkg.example.com/myrepo -.---> internal1.example.com:10000
# \--> internal2.exmaple.com:10000
#
# As in section 2a, depot servers must be configured with an appropriate
# proxy_base setting. See above.
#
#
# We use disablereuse (which forces apache to reconnect to the backend all
# the damn time) to work around a bug in CherryPy 3.1 in which it
# can send inappropriate HTTP 408's. Track
# http://defect.opensolaris.org/bz/show_bug.cgi?id=8903 for status.
#
# depot on internal1
# depot on internal2
</Proxy>
#
# We use nocanon to supress canonicalization of urls-- this is important
# for properly working search (as of search v1)
#