proxy-example.conf revision 2700
1163N/A# The contents of this file are subject to the terms of the 1163N/A# Common Development and Distribution License (the "License"). 1163N/A# You may not use this file except in compliance with the License. 1163N/A# See the License for the specific language governing permissions 1163N/A# and limitations under the License. 1163N/A# When distributing Covered Code, include this CDDL HEADER in each 1163N/A# If applicable, add the following below this CDDL HEADER, with the 1163N/A# fields enclosed by brackets "[]" replaced with your own identifying 1163N/A# information: Portions Copyright [yyyy] [name of copyright owner] 2300N/A# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. 1163N/A# The canonical (and most recent) version of this document resides in the image 1163N/A# packaging project source tree. To view it online, visit 1163N/A# This file contains example apache configuration snippets to show you how to 1163N/A# configure apache as a reverse proxy with IPS package depot servers. The 1163N/A# document is divided into 2 main sections. 1163N/A# Section 1: Generic apache configuration settings we recommend. 1163N/A# Sections 2a and 2b are two different configuration alternatives. Select 1163N/A# one which most closely matches your site's requirements. 1163N/A# A word on non-prefixed proxy configurations: It is straightforward to run 1163N/A# a depot server at the "root" of a website hierarchy. However, in general, 1163N/A# we *do not* recommend this model. Instead, use the examples shown below. 1163N/A# for users, but rapidly become very difficult to manage as soon as you want to 1163N/A# have two different repositories. 2564N/A# This configuration was most recently tested with Apache 2.2.21, and that 1163N/A# is the minimum version we recommend. 1163N/A# number of your backend server. 1163N/A# Section 1: Here is some common configuration we use for our production servers. 1272N/A# HTTP clients can tell the server that they accept compressed 1272N/A# data in an HTTP request. So, we enable apache's DEFLATE filter. 1272N/A# This can dramatically reduce the over-the-wire size of metadata such 1272N/A# as catalogs and manifests, which often compress 90%. 2300N/A# Packages may contain URL encoded forward slashes. To make sure these are 2300N/A# not interpreted as directory delimiters Apache can be instructed to just 2487N/A# leave them as they are. For the "NoDecode" option to work Apache 2.2.18 1163N/A# Crank up MaxKeepAliveRequests so that clients can make a large number 1163N/A# of pipelined requests without closing the connection. This is 1163N/A# important for transport v1, so that we can do thousands of file 1163N/A# transfers over the same connection. Apache's default is too low: just 1163N/A# We set the proxy timeout to 30 seconds-- if CherryPy is taking longer 1163N/A# than that to respond, something is wrong. 1163N/A# Make sure that forward proxying is disabled. See 1163N/A# Section 2a: Basic proxy configuration. 1163N/A# Here is the basic configuration for a non-load-balanced depot server. 1163N/A# In this example, we connect 1163N/A# Please note that the repository server (pkg.depotd) should also be configured 1163N/A# This can be done as follows: 2332N/A# The pkg client opens 20 parallel connections to the server when performing 2332N/A# network operations. Make sure the number of depot threads matches the expected 2332N/A# connections to the server at any given time. The number of threads per depot 1163N/A# We use nocanon to supress canonicalization of urls-- this is important 1163N/A# for properly working search (as of search v1). 1163N/A# Section 2b: Load balanced configurations. 1163N/A# It may also be desirable to run servers behind an apache load balancer. In 1163N/A# As in section 2a, depot servers must be configured with an appropriate 1163N/A# proxy_base setting. See above. 2332N/A # It is advisable to limit the amount of back-end connections to 2332N/A # the number of threads each depot is running divided by the number 2332N/A # of depots in the load-balancer setup. 2332N/A # Otherwise apache opens more connections to a depot than there are 2332N/A # available and they get stalled, which can decrease performance. 2332N/A # Specify the maximum amount of parallel connections to each depot 2332N/A # with the "max=" parameter. 2332N/A # The example below is for two depots each running 200 threads. 1163N/A# We use nocanon to supress canonicalization of urls-- this is important 1163N/A# for properly working search (as of search v1)