Deploying Rails with Pound in front of Apache and Mongrel on Redhat ES4 with Ensim - Part 1
I have my own dedicated server running Ensim on which I run quite a few sites. Most of these are either static HTML or PHP sites, but I also host a couple of Rails apps on the same box using Lighttpd. That has turned out not to be the most reliable setup. After a year of killing hung dispatchers I decided to give mongrel_cluster and Pound a try. This is how I did it.
Note that these instructions are specific to Redhat ES4 with Ensim, though most of this stuff should work on other flavors of *nix with some slight modifications.
Prerequisites
The only prerequisite for Pound that I am aware of is pcre. You probably already have it installed, but if you don’t, install in via up2date, yum, or whatever.
Installing Pound
Download, configure and install Pound. There are stable and experimental versions to choose from. I’m using the latest experimental release:
wget http://www.apsis.ch/pound/Pound-2.1.8.tgz tar vxzf Pound-2.1.8.tgz cd Pound-2.1.8 ./configure make make install
Test Configuration
I don’t like the default location for Pound’s configuration file, so I’ve created mine file here: /etc/pound/pound.cfg
In order to make sure everything is working as expected, we’re going to start with a test configuration. Something simple. Put this in your /etc/pound/pound.cfg file for now:
LogLevel 0
Alive 30
ListenHTTP
Address 0.0.0.0
Port 81
Service
BackEnd
Address YOUR SERVER'S EXTERNAL IP
Port 80
End
End
End
This configuration will proxy all inbound requests to port 81 over to Apache running on port 80. Now try to start up pound:
pound -v -f /etc/pound/pound.cfg
If it started properly, you’ll get no output. You should get an error if it couldn’t start up. Use
ps -ef | grep pound
to see if it’s running. If so, try to browse to one of the sites on your server using port 81. For example: http://www.infused.org:81. If it works we’re in business, so we’ll create a pound start-up script and configure it to start up on boot.
Setup Pound daemon
Create a /etc/init.d/pound file with the following contents:
#!/bin/sh
. /etc/rc.d/init.d/functions
# To add to services:
# chkconfig --add pound
# Enable automatic start on boot
# chkconfig pound on
### BEGIN INIT INFO
# Provides: pound
# Required-Start: $network $syslog
# Required-Stop:
# Default-Start: 3 5
# Default-Stop:
# Description: Starts pound reverse proxy
### END INIT INFO
if [ -z "$POUND_CONF_PATH" ]; then
POUND_CONF_PATH="/etc/pound/pound.conf"
fi
prog="pound"
pound="/usr/local/sbin/pound"
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon $pound -f $POUND_CONF_PATH
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $pound
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
reload() {
echo -n $"Reloading $prog: "
killproc $pound -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
reload)
reload
;;
status)
status $pound
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"
RETVAL=1
esac
exit $RETVAL
Now you can configure Pound as a service and set it to start on boot:
chmod +x /etc/init.d/pound chkconfig --add pound chkconfig pound on
Use the ps command again to find and then kill the pound instance you started earlier. You will probably see to instances running. Kill the first one, and the other will die with it. Once the test instance is dead, you can start, stop, and restart Pound like any other service. To start it up as a service:
service pound start
The Real Deal
Test it by browsing to a site on port 81 again. If everything looks good, it’s time to do this thing for real. Edit /etc/pound/pound.cfg and swap the ports between the proxy and the backend server. The file should now look like this:
LogLevel 0
Alive 30
ListenHTTP
Address 0.0.0.0
Port 80
Service
BackEnd
Address 67.15.198.2
Port 81
End
End
End
Log into your Ensim control panel as the Appliance Administrator and click on the Web Server link. Change port 80 to 81 and click Update Configuration.
With the appliance updated, we now need to restart Apache and Pound to pick up their new configurations:
service pound stop service httpd restart service pound start
All your sites should now be accessible on port 80. Try them out. If you don’t see any problems, there is one important step left to do.
Fix Apache Logging
Right now, all the Apache logs will show you server’s IP address as the remote address. To fix this, you need to swap out %h for "%{X-Forwarded-for}i" in any LogFormat line in /etc/httpd/conf/httpd20_app.conf
You may have LogFormat lines in other files too, such as /etc/httpd/conf/httpd.conf. Change those too.
My LogFormat directive now looks like this (on one line):
LogFormat "%v:\"%{X-Forwarded-for}i\" %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" ecombined
Restart Apache again and you’re done.
service httpd restart
Subversion
If you are running Subversion under Apache, you’ll also need to tell Pound to allow the proper HTTP verbs. Add the following line to /etc/pound/pound.cfg, right under ListenHTTP:
xHTTP 2
By the way, this also tells Pound to allow the PUT and DELETE verbs, which you’ll need if you’re using the map.resources stuff in Rails.
Additional Resources
Coming Up
The stage is now set for Part 2, where I set up Pound to proxy to several Rails apps which are running under mongrel_cluster. Stay tuned.
