/ rhce-new

RHCE : HTTP/HTTPS – Configure a virtual host.

rhce-new redhat-new apache httpd apachectl command /etc/httpd/conf.d/ virtual host /var/www/html/ elinks
https://4am.kr/rhce-http-https-configure-a-virtual-host/

RHCE : HTTP/HTTPS – 가상 호스트 구성

RHCE 주제입니다. 아래 참조된 사이트를 번역 및 내용 추가하였습니다.

사전 준비사항

1. Web Server 패키지 그룹을 설치한다.
[root@server2 ~]# yum search *http
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Warning: No matches found for: *http
No matches found
[root@server2 ~]# yum -y groupinstall "Web Server"
Loaded plugins: fastestmirror, langpacks
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
RHELREPO                                                 | 3.6 kB     00:00     
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package crypto-utils.x86_64 0:2.4.1-42.el7 will be installed
--> Processing Dependency: perl(Newt) for package: crypto-utils-2.4.1-42.el7.x86_64
---> Package httpd.x86_64 0:2.4.6-17.el7.centos.1 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-17.el7.centos.1 for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
---> Package httpd-manual.noarch 0:2.4.6-17.el7.centos.1 will be installed
---> Package mod_fcgid.x86_64 0:2.3.9-4.el7 will be installed
---> Package mod_ssl.x86_64 1:2.4.6-17.el7.centos.1 will be installed
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-17.el7.centos.1 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
---> Package perl-Newt.x86_64 0:1.08-36.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package           Arch        Version                      Repository     Size
================================================================================
Installing for group install "웹 서버":
 crypto-utils      x86_64      2.4.1-42.el7                 RHELREPO       78 k
 httpd             x86_64      2.4.6-17.el7.centos.1        RHELREPO      2.7 M
 httpd-manual      noarch      2.4.6-17.el7.centos.1        RHELREPO      1.3 M
 mod_fcgid         x86_64      2.3.9-4.el7                  RHELREPO       79 k
 mod_ssl           x86_64      1:2.4.6-17.el7.centos.1      RHELREPO       97 k
Installing for dependencies:
 apr               x86_64      1.4.8-3.el7                  RHELREPO      103 k
 apr-util          x86_64      1.5.2-6.el7                  RHELREPO       92 k
 httpd-tools       x86_64      2.4.6-17.el7.centos.1        RHELREPO       77 k
 mailcap           noarch      2.1.41-2.el7                 RHELREPO       31 k
 perl-Newt         x86_64      1.08-36.el7                  RHELREPO       64 k

Transaction Summary
================================================================================
Install  5 Packages (+5 Dependent packages)

Total download size: 4.6 M
Installed size: 16 M
Downloading packages:
(1/10): apr-1.4.8-3.el7.x86_64.rpm                         | 103 kB   00:00     
(2/10): crypto-utils-2.4.1-42.el7.x86_64.rpm               |  78 kB   00:00     
(3/10): httpd-2.4.6-17.el7.centos.1.x86_64.rpm             | 2.7 MB   00:00     
(4/10): apr-util-1.5.2-6.el7.x86_64.rpm                    |  92 kB   00:00     
(5/10): httpd-manual-2.4.6-17.el7.centos.1.noarch.rpm      | 1.3 MB   00:00     
(6/10): httpd-tools-2.4.6-17.el7.centos.1.x86_64.rpm       |  77 kB   00:00     
(7/10): mailcap-2.1.41-2.el7.noarch.rpm                    |  31 kB   00:00     
(8/10): mod_ssl-2.4.6-17.el7.centos.1.x86_64.rpm           |  97 kB   00:00     
(9/10): perl-Newt-1.08-36.el7.x86_64.rpm                   |  64 kB   00:00     
(10/10): mod_fcgid-2.3.9-4.el7.x86_64.rpm                  |  79 kB   00:00     
--------------------------------------------------------------------------------
Total                                               10 MB/s | 4.6 MB  00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : apr-1.4.8-3.el7.x86_64                                      1/10 
  Installing : apr-util-1.5.2-6.el7.x86_64                                 2/10 
  Installing : httpd-tools-2.4.6-17.el7.centos.1.x86_64                    3/10 
  Installing : mailcap-2.1.41-2.el7.noarch                                 4/10 
  Installing : httpd-2.4.6-17.el7.centos.1.x86_64                          5/10 
  Installing : perl-Newt-1.08-36.el7.x86_64                                6/10 
  Installing : crypto-utils-2.4.1-42.el7.x86_64                            7/10 
  Installing : mod_fcgid-2.3.9-4.el7.x86_64                                8/10 
  Installing : httpd-manual-2.4.6-17.el7.centos.1.noarch                   9/10 
  Installing : 1:mod_ssl-2.4.6-17.el7.centos.1.x86_64                     10/10 
  Verifying  : mod_fcgid-2.3.9-4.el7.x86_64                                1/10 
  Verifying  : httpd-2.4.6-17.el7.centos.1.x86_64                          2/10 
  Verifying  : perl-Newt-1.08-36.el7.x86_64                                3/10 
  Verifying  : httpd-manual-2.4.6-17.el7.centos.1.noarch                   4/10 
  Verifying  : mailcap-2.1.41-2.el7.noarch                                 5/10 
  Verifying  : apr-1.4.8-3.el7.x86_64                                      6/10 
  Verifying  : apr-util-1.5.2-6.el7.x86_64                                 7/10 
  Verifying  : 1:mod_ssl-2.4.6-17.el7.centos.1.x86_64                      8/10 
  Verifying  : httpd-tools-2.4.6-17.el7.centos.1.x86_64                    9/10 
  Verifying  : crypto-utils-2.4.1-42.el7.x86_64                           10/10 

Installed:
  crypto-utils.x86_64 0:2.4.1-42.el7                                            
  httpd.x86_64 0:2.4.6-17.el7.centos.1                                          
  httpd-manual.noarch 0:2.4.6-17.el7.centos.1                                   
  mod_fcgid.x86_64 0:2.3.9-4.el7                                                
  mod_ssl.x86_64 1:2.4.6-17.el7.centos.1                                        

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7                      apr-util.x86_64 0:1.5.2-6.el7   
  httpd-tools.x86_64 0:2.4.6-17.el7.centos.1    mailcap.noarch 0:2.1.41-2.el7   
  perl-Newt.x86_64 0:1.08-36.el7               

Complete!
[root@server2 ~]# 
2. (만약에 DNS 서버를 구축하지 않았거나, DNS 서버에 서버를 등록이 불가능한 경우) /etc/hosts 파일을 열고, ip 주소와 서버의 도메인 이름을 다음과 같이 추가한다.
[root@server2 ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
1.2.3.4     server2.4am.kr
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
-- 끼워넣기 --                                                1,32         모두
[root@server2 ~]#

노트: 이 부분은 필수가 아니지만, 경고 메시지를 방지해준다.
추가로, ServerName 디렉티브를 /etc/httpd/conf/httpd.conf파일에 설정할 수 있다.

3. 서비스를 부팅시에 활성화하고 시작한다.
[root@server2 ~]# systemctl enable httpd && systemctl start httpd
ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
[root@server2 ~]# 
4. HTTP, HTTPS 서비스를 방화벽 설정에 추가하고, 다시 방화벽을 로드한다.
[root@server2 ~]# firewall-cmd --permanent --add-service=http
success
[root@server2 ~]# firewall-cmd --permanent --add-service=https
success
[root@server2 ~]# firewall-cmd --reload 
success
[root@server2 ~]# 

설정하기

  • 설정해야 할 웹사이트를 server2.4am.kr이라고 하자.
1. /var/www/html/server2.4am.kr 디렉토리를 생성한다.
[root@server2 ~]# cd /var/www/html/
[root@server2 html]# mkdir server2.4am.kr
[root@server2 html]# 
2. index.html 파일을 만들고, 올바른 SELinux 컨텍스트를 정의한다.
[root@server2 html]# echo "This is a testpage of server2.4am.kr." > server2.4am.kr/index.html
[root@server2 html]# restorecon -R server2.4am.kr
[root@server2 html]# 
3. /etc/httpd/conf.d/vhosts.conf파일을 생성하고 다음 줄들을 붙여넣기한다.
[root@server2 html]# cd /etc/httpd/conf.d
[root@server2 conf.d]# vim vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@4am.kr
DocumentRoot /var/www/html/server2.4am.kr
ServerName server2.4am.kr
ErrorLog logs/server2.4am.kr-error_log
CustomLog logs/server2.4am.kr-access_log common
</VirtualHost>
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
-- 끼워넣기 --                                                2,15         모두
[root@server2 conf.d]# 
4. 선택적으로 /etc/httpd/conf.d/ssl.conf파일을 이름을 변경할 수 있다. 만약 이름을 변경하지 않는다면 작동하지 않는 https 설정에 있는 가상 호스트가 표시될 것이다.
[root@server2 conf.d]# mv ssl.conf ssl.conf2
[root@server2 conf.d]# 
5. 설정의 유효성을 확인한다.
[root@server2 conf.d]# apachectl configtest
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using server2.example.com. Set the 'ServerName' directive globally to suppress this message
Syntax OK
[root@server2 conf.d]# vim vhosts.conf 
[root@server2 conf.d]# 

노트: httpd -t를 통해서도 확인할 수 있다.

6. httpd서비스를 재시작한다.
[root@server2 conf.d]# apachectl restart
[root@server2 conf.d]# 

노트1: systemctl restart httpd를 통해서도 재시작이 가능하다.
노트2: 마이너한 설정 변경이라면, 현재 접속을 손실하지 않고, Apache 데몬의 재시작만으로도 가능할 수 있다(apachectl graceful).

7. 가상 호스트 설정을 확인한다.
[root@server2 conf.d]# httpd -D DUMP_VHOSTS
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using server2.example.com. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server server2.4am.kr (/etc/httpd/conf.d/vhosts.conf:1)
         port 80 namevhost server2.4am.kr (/etc/httpd/conf.d/vhosts.conf:1)
         port 80 namevhost server2.4am.kr (/etc/httpd/conf.d/vhosts.conf:1)
[root@server2 conf.d]# 
[root@server2 ~]# yum install -y elinks
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package elinks.x86_64 0:0.12-0.36.pre6.el7 will be installed
--> Processing Dependency: libnss_compat_ossl.so.0()(64bit) for package: elinks-0.12-0.36.pre6.el7.x86_64
--> Running transaction check
---> Package nss_compat_ossl.x86_64 0:0.9.6-8.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package              Arch        Version                   Repository     Size
================================================================================
Installing:
 elinks               x86_64      0.12-0.36.pre6.el7        RHELREPO      882 k
Installing for dependencies:
 nss_compat_ossl      x86_64      0.9.6-8.el7               RHELREPO       37 k

Transaction Summary
================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 919 k
Installed size: 2.7 M
Downloading packages:
(1/2): elinks-0.12-0.36.pre6.el7.x86_64.rpm                | 882 kB   00:00     
(2/2): nss_compat_ossl-0.9.6-8.el7.x86_64.rpm              |  37 kB   00:00     
--------------------------------------------------------------------------------
Total                                              4.0 MB/s | 919 kB  00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : nss_compat_ossl-0.9.6-8.el7.x86_64                           1/2 
  Installing : elinks-0.12-0.36.pre6.el7.x86_64                             2/2 
  Verifying  : elinks-0.12-0.36.pre6.el7.x86_64                             1/2 
  Verifying  : nss_compat_ossl-0.9.6-8.el7.x86_64                           2/2 

Installed:
  elinks.x86_64 0:0.12-0.36.pre6.el7                                            

Dependency Installed:
  nss_compat_ossl.x86_64 0:0.9.6-8.el7                                          

Complete!
[root@server2 ~]# elinks http://server2.4am.kr

vhost-test-elinks-server2-4am-kr

8-2. 테스트하기(by 일반적인 브라우저) - 설정을 확인한다.

vhost-test-browser-server2-4am-kr