one(192.168.33.10) is for webserver and the other(192.168.33.11) is for proxy.
# install virtualbox
http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html?ssSourceSiteId=otnus# install vagrant
https://www.vagrantup.com/downloads.htmlcheck version which installed
% vagrant --version
Vagrant 1.9.6
# deploy virtual machines
## 192.168.33.11(Proxy Server)
% cd
% mkdir vagrant_work
% cd vagrant_work
% vagrant init ubuntu/trusty64
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.
% vagrant up --provider virtualbox
## 192.168.33.10(Web Server)
% cd
% mkdir vagrant_work2
% cd vagrant_work
% vagrant init ubuntu/trusty64
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.
% vagrant up --provider virtualbox
## check point
two virtual machines are running on virtualbox.
# set IP address
## 192.168.33.11(Proxy Server)
move to directory.% cd
% cd vagrant_work
edit file.
% vi Vagrantfile
% cat Vagrantfile
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.network "private_network", ip: "192.168.33.11"
end
restart virtual machine.
% vagrant halt
==> default: Attempting graceful shutdown of VM...
% vagrant up
check ping echo.
% ping -c 3 192.168.33.11
## 192.168.33.10(Web Server)
move to directory.% cd
% cd vagrant_work2
edit file.
% vi Vagrantfile
% cat Vagrantfile
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.network "private_network", ip: "192.168.33.10"
end
restart virtual machine.
% vagrant halt
==> default: Attempting graceful shutdown of VM...
% vagrant up
check ping echo.
% ping -c 3 192.168.33.10
# install nginx
## 192.168.33.11(Proxy Server)
move to directory.% cd
% cd vagrant_work
% vagrant ssh
install nginx on virtual machine.
# apt-get install nginx
# cp /usr/share/nginx/html/index.html /usr/share/nginx/html/index.html.backup
edit index.html like this.
# vi /usr/share/nginx/html/index.html
# cat /usr/share/nginx/html/index.html
192.168.33.11
## 192.168.33.10(Web Server)
move to directory.% cd
% cd vagrant_work2
% vagrant ssh
install nginx on virtual machine.
# apt-get install nginx
# cp /usr/share/nginx/html/index.html /usr/share/nginx/html/index.html.backup
edit index.html like this.
# vi /usr/share/nginx/html/index.html
# cat /usr/share/nginx/html/index.html
192.168.33.10
## check point
then, check if http access available.http://192.168.33.11
http://192.168.33.10
# proxy config (no ssl)
## 192.168.33.11(Proxy Server)
move to directory.% cd
% cd vagrant_work
% vagrant ssh
edit file like this.
# vi /etc/nginx/conf.d/server.conf
# cat /etc/nginx/conf.d/server.conf
server {
listen 80;
server_name 192.168.33.11;
location / {
proxy_pass http://192.168.33.10/;
}
}
# service nginx restart
* Restarting nginx nginx [ OK ]
## check point
then check again. it shows 192.168.33.10 page. it means proxy server pass to webserver.http://192.168.33.11
# proxy config (ssl)
## 192.168.33.11(Proxy Server)
move to directory.% cd
% cd vagrant_work
% vagrant ssh
ssl settings
# mkdir /usr/local/tmp
# cd /usr/local/tmp/
# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
Enter pass phrase for server.key:[1234]
Verifying - Enter pass phrase for server.key:[1234]
# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:[1234]
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:
writing RSA key
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Getting Private key
## check point
# ls
server.crt server.csr server.key server.key.org
# pwd
/usr/local/tmp
edit file.
# vi /etc/nginx/conf.d/server.conf
# cat /etc/nginx/conf.d/server.conf
server {
listen 80;
server_name 192.168.33.11;
location / {
proxy_pass http://192.168.33.10/;
}
}
server {
listen 443;
server_name 192.168.33.11;
ssl on;
ssl_certificate /usr/local/tmp/server.crt;
ssl_certificate_key /usr/local/tmp/server.key;
ssl_protocols SSLv2 SSLv3 TLSv1;
location / {
proxy_pass http://192.168.33.10/;
}
}
nginx service restart.
# service nginx restart
* Restarting nginx nginx [ OK ]
## check point
then, access to https page.https://192.168.33.11
