I ran into a situation where the company I work for would like to spread its webservers across virtual machines instead of relying on one physical box to do everything. Our current setup looks something like this:
example.com → static IP → internal firewall (only 1 machine may receive port 80 traffic) → 192.168.1.100 (our production box)
example1.com, example2.com, etc... → same as above
Our production box runs Apache and separates the incoming names to the appropriate local folder using VirtualHost. This works as expected, but we would like to move some hosts off of production for performance and security concerns. Something like the following setup:
*.example.com → static IP → firewall → 192.168.1.100 (Production)
jira.example.com → static IP → firewall → 192.168.1.100 → 192.168.1.120
*.example1.com → static IP → firewall → 192.168.1.100 → 192.168.1.111 (Wordpress-1)
*.example2.com → static IP → firewall → 192.168.1.100 → 192.168.1.112 (Wordpress-2)
etc.
We tried something similar to the following with the VirtualHost file on 192.168.1.100:
<VirtualHost *:*>
    ServerName example.com
    ...
</VirtualHost>
<VirtualHost jira.example.com:*>
    ServerName jira.example.com
    ...
    ProxyPass / http://192.168.1.120:80/
    ProxyPassReverse / http://192.168.1.120:80/
</VirtualHost>
<VirtualHost example1.com:*>
    ServerName example1.com
    ...
    ProxyPass / http://192.168.1.111:80/
    ProxyPassReverse / http://192.168.1.111:80/
</VirtualHost>
<VirtualHost example2.com:*>
    ServerName example2.com
    ...
    ProxyPass / http://192.168.1.112:80/
    ProxyPassReverse / http://192.168.1.112:80/
</VirtualHost>
This partially worked – I was able to use example1.com to talk to Wordpress-1. However, the redirecting would cause hyperlinks to point to example.com, which breaks the site.
When I was looking into DNS, it seemed like it could be a better option. Is it possible to have the domain name provider (GoDaddy in this case) point to a DNS server behind the firewall, that then directs traffic appropriately? Something like this:
hostname → static IP → firewall → 192.168.1.100 (DNS) → webserver assigned to hostname
example.com:
NS ns1.example.com.
ns1.example.com. A 192.168.1.100
www A 192.168.1.100
jira.example.com. A 192.168.1.120
example1.com:
NS ns1.example1.com.
ns1.example1.com. A 192.168.1.100
www A 192.168.1.111
example2.com:
NS ns1.example2.com.
ns1.example2.com. A 192.168.1.100
www A 192.168.1.112
This guide at Digital Ocean explains how to configure proxying using Apache2: https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension
After doing some cleanup, I was able to pinpoint the issue. One of my virtual hosts was using 443, but the others were not. However, Wordpress wants to use https for the admin login, which was redirecting to the host that uses SSL. Basically, SSL is an all or nothing game when it comes to your servers. Assuming you're just using port 80, the following would work:
<VirtualHost *:80>
    ServerName example.com
    ...
</VirtualHost>
# Note: This assumes your Jira installation is running on port 80
# The target URL ends in "/" to match the "/" path, so /page maps to http://192.168.1.120/page
<VirtualHost *:80>
    ServerName jira.example.com
    ...
    ProxyPass / http://192.168.1.120/
    ProxyPassReverse / http://192.168.1.120/
</VirtualHost>
<VirtualHost *:80>
    ServerName example1.com
    ...
    ProxyPass / http://192.168.1.111/
    ProxyPassReverse / http://192.168.1.111/
</VirtualHost>
<VirtualHost *:80>
    ServerName example2.com
    ...
    ProxyPass / http://192.168.1.112/
    ProxyPassReverse / http://192.168.1.112/
</VirtualHost>
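A hardened variant of the layout above, as an added example that is not part of the original post: it keeps the same name-based routing, refuses forward-proxy use, sends unknown Host headers to the default vhost, and gives a proxied name its own port 443 vhost so https requests for it do not land on another site. It assumes mod_proxy, mod_proxy_http, mod_headers and mod_ssl are loaded; the file paths are placeholders, and example2.com would follow the example1.com pattern.

```apache
# Added example, not the poster's configuration.
# Backend IPs are the page's own; every file path is a placeholder.

# Serve only the ProxyPass mappings below; never act as a forward proxy.
ProxyRequests Off

# Listed first, so it is the default for *:80: a request whose Host header
# matches no other ServerName/ServerAlias is answered here, not proxied.
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/PLACEHOLDER
</VirtualHost>

<VirtualHost *:80>
    ServerName jira.example.com
    # Forward the client's Host header so the backend sees the requested name.
    ProxyPreserveHost On
    # Trailing slash on both sides: /x maps to http://192.168.1.120/x.
    ProxyPass        / http://192.168.1.120/
    ProxyPassReverse / http://192.168.1.120/
</VirtualHost>

<VirtualHost *:80>
    ServerName example1.com
    ServerAlias *.example1.com
    ProxyPreserveHost On
    ProxyPass        / http://192.168.1.111/
    ProxyPassReverse / http://192.168.1.111/
</VirtualHost>

# HTTPS for the same name, terminated on the proxy. Without a 443 vhost per
# name, https requests are answered by whichever vhost does listen on 443.
<VirtualHost *:443>
    ServerName example1.com
    ServerAlias *.example1.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/PLACEHOLDER/example1.com.crt
    SSLCertificateKeyFile /etc/ssl/PLACEHOLDER/example1.com.key
    ProxyPreserveHost On
    # Tell the backend the client used HTTPS; the application must be set to honour it.
    RequestHeader set X-Forwarded-Proto "https"
    ProxyPass        / http://192.168.1.111/
    ProxyPassReverse / http://192.168.1.111/
</VirtualHost>
```

Because the backends now trust whatever 192.168.1.100 forwards, restricting 192.168.1.111, .112 and .120 to accept HTTP only from that address keeps the proxy as the single entry point.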