How to Set Up Apache Traffic Server as a Reverse-Proxy on Ubuntu
This tutorial will cover how to install Apache Traffic Server on Ubuntu 14.04 and configure it to behave as a caching reverse proxy.
Step 1 — Installing Traffic Server
Because Traffic Server is available on Ubuntu 14.04’s default repositories, you can install it using apt-get. Make sure you update your package index files before you do so.
- sudo apt-get update && sudo apt-get install trafficserver
Traffic Server listens on port 8080 by default. You can use a browser to visit http://your_server_ip:8080/ now. However, you will see an error because you haven’t configured it yet.
Step 2 — Installing a Web Server
By definition, a proxy server acts as an intermediary between external users and a web server. Therefore, before you begin configuring Traffic Server, you should install a web server such as Apache HTTP Server on your machine.
Install and start Apache using apt-get.
- sudo apt-get install apache2
You can now use a browser and visit http://your_server_ip/ to see Apache’s welcome page.
Step 3 — Disabling Remote Access to the Web Server
Apache accepts connections on all network interfaces by default. By configuring it to accept connections only on the loopback interface, you can make sure that it is inaccessible to remote users.
Open ports.conf using nano or your favorite text editor.
- sudo nano /etc/apache2/ports.conf
Search for the line containing the Listen 80 directive and change it to:
Listen 127.0.0.1:80
Save and exit the file.
Next, open apache2.conf.
- sudo nano /etc/apache2/apache2.conf
Add the following line at the end of the file:
ServerName localhost
Save and close the file.
To apply the configuration changes, restart Apache using the following command:
- sudo service apache2 restart
Try using a browser to visit http://your_server_ip/ again. Your browser should show an error now, because you blocked remote access to the server.
Step 4 — Configuring Traffic Server as a Reverse Proxy
In this step, we will configure Traffic Server as a reverse proxy. To do so, open remap.config, which is the file you should edit to define Traffic Server’s mapping rules.
- sudo nano /etc/trafficserver/remap.config
Let’s create a simple rule that says all requests to the server’s IP address on port 8080 are mapped to the web server’s local address and port. You can do so by adding the following line to the end of the file:
map http://your_server_ip:8080/ http://127.0.0.1:80/
Save the file and exit.
To activate the new mapping rule, use the reread_config command of traffic_line:
- sudo traffic_line –reread_config
Open a browser and visit http://your_server_ip:8080/. If you are able to see Apache’s welcome page now, you have successfully configured Traffic Server as a reverse proxy.
Step 5 — Configuring Traffic Server to Cache Everything
By default, Traffic Server will cache an HTTP response only if it contains a Cache-Control or Expires header explicitly specifying how long the item should be stored in the cache. However, as our web server is only serving static files, it is safe to cache all its responses.
To configure Traffic Server such that it caches all HTTP responses, you should change the value of a config variable called proxy.config.http.cache.required_headers to 0. This can be done using the set_var command of traffic_line.
- sudo traffic_line –set_var proxy.config.http.cache.required_headers –value 0
Apply the change using the reread_config flag.
- sudo traffic_line –reread_config
Open a browser and visit http://your_server_ip:8080/ again. This will store the Apache welcome page in Traffic Server’s cache.
Step 6 — Inspecting the Cache
To view the contents of Traffic Server’s cache, you can use a tool called Cache Inspector, which has a web-based interface.
To activate the tool, set the value of the proxy.config.http_ui_enabled config variable to 1.
- sudo traffic_line –set_var proxy.config.http_ui_enabled –value 1
Next, create a mapping rule specifying the path you want to use to access it. Open remap.config again using nano.
- sudo nano /etc/trafficserver/remap.config
Let’s make the Cache Inspector available on /inspect. To do so, add the following line at the top of the file:
- map http://your_server_ip:8080/inspect http://{cache}
Save the file and exit.
To apply the changes, restart Traffic Server.
- sudo service trafficserver restart
The Cache Inspector is now ready to be used. Open a browser, and visit http://your_server_ip:8080/inspect/. You will see a page which looks like this:
Next, click on the Lookup url link.
You can now type in a URL in the text field and click on the Lookup button to check if it is stored in the cache.
For example, you can type in http://your_server_ip:8080/ to check if your web server’s homepage is being served from the cache. If it is, you will see a page which looks like this:
