Domain Name System(DNS) points to LoadBalancer IP or Server
When you request for a DNS at , team create
Context
How Domain Name System(DNS) points to the servers to server web-request?
DNS Unit at ICTC creates a new DNS by pointing to the Load balancer(F5) IP or Virtual IP (VIP) or Load balancer server created by security team. Security team also points this Loadbalancer server to the IP(DNS) of the application host machine. E.g.:
DNS chemistry.kfupm.edu.sa points to the Loadbalancer IP 10.142.24.168 on port 443(HTTPS). The loadbalancer IP points to the backend host machine chemistry-1.kfupm.edu.sa on port 80(HTTP). The Apache web server listening on port 80 of the Apache server will handle the request and based on the host headers of the web request point to the appropriate uWSGI server, e.g.:
These are the available enabled configurations for the Apache server: ``` root@apps-cms-1:/etc/apache2/sites-enabled# tree . ├── alumni-contact.conf -> /etc/apache2/sites-available/alumni-contact.conf ├── chemistry.conf -> /etc/apache2/sites-available/chemistry.conf
``` The Apache checks each of the virtualhost onfigurations and matches the host header(chemistry.kfupm.edu.sa) to the ServerName ``` <VirtualHost *:80> ServerName https://chemistry.test.kfupm.edu.sa ServerAdmin mdfaiz@kfupm.edu.sa …… CASRootProxiedAs https://chemistry.test.kfupm.edu.sa
ProxyPass / uwsgi://localhost:8125/ ProxyPassReverse / uwsgi://localhost:8125/
``` and redirects the reques to the uwsgi server process running at port 8125.
When modauthcas is enabled to make the web resource accessible only to CAS authenticated users, Apache server is redirect to the CAS SSO page for the sign in.
modauthcas configurations will be in `/etc/apache2/mods-available/authcas.conf` file.
Sequence diagram
servers.png
Debugging
Under- maintenance page is displayed to the user by the Loadbalancer server in two cases:
Problem with Apache server, not running. Problem with Apache server’s interaction with CAS service
503 Service not available
This happens when Apache server is working fine but the Application server, uWSGI or Tomcat either overloaded or not running.
uWSGI server did not start properly. Application using non-available(already in use) uwgi port and did not start.
Internal Server Error 5xx
Apache is working fine and Application server, uWSGI or Tomcat, is working fine.
Issue is in the server side code.
Bad request 400
In case of Django application, one possiblity is `ALLOWEDHOSTS` variable does not contain the DNS.