I am having some issues in configuring elastic beanstalk to run 2 asp.net core APIs on a Linux environment. What I am trying to do is to deploy a service called audit which runs on port 5005 and one called idp which runs on port 5000.
What is happening is that I can access idp APIs but not the audit APIs.
This is what my zip upload looks like:
audit/**
idp/**
.platform/ngnix/conf.d/elasticbeanstalk/01_custom.conf
Procfile
01_cusom.conf contain:
location /audit{
proxy_pass http://127.0.0.1:5005 ;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /idp{
proxy_pass http://127.0.0.1:5000 ;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
Procfile contains:
audit: dotnet audit/audit.dll
idp: dotnet idp/idp.dll
audit and idp contains the dlls for each of my applications.
Based on the documentation what should happen is that the configuration set in .platform/ngnix/conf.d/elasticbeanstalk/01_custom.conf should be set in nginx on the machine. This is not actually happening. I have connected to the machine and found that only a file with the default configuration exists on the machine.
To make sure this is the issue I added from the deployed zip (.platform/ngnix/conf.d/elasticbeanstalk/01_custom.conf) in /etc/nginx/conf.d/elasticbeanstalk/00_application_conf and then restarted the nginx server. This actually solves my issue.
So the problem seems to be that the deployment mechanism is not working as documented. (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/dotnet-linux-platform-nginx.html)
Does anyone have a solution for this?
EDIT
I have tried putting 01_custom.conf in the following places and non seem to work:
.platform/ngnix/conf.d/elasticbeanstalk/
.platform/ngnix/conf.d/
.platform/ngnix with the file 01_custom.conf
.platform/ngnix with the file nginx.conf file with the hope of overriding the one in /etc/nginx/nginx.conf
The folder where you should put your custom nginx script is at .platform/nginx/conf.d/
Don't put it at elasticbeanstalk/01_custom.conf
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/platforms-linux-extend.html
Related
I have a Django project running on Apache2 with mod_wsgi in a VM - https://systems3.slt.local/
Accessing the VM directly, via https://systems3.slt.local/ works perfectly. However, I need it to work behind an NGINX reverse proxy, and I'm having problems with login redirection.
My proxy is configured like this:
location /systems3 {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass https://systems3.slt.local/;
}
When I try to access the project through the proxy, /systems3, Django checks that there is no user logged in, and then redirects to /accounts/login. The correct would be to redirect to /systems3/accounts/login/. Even if I try to directly access this address, I am redirected to /accounts/login.
It seems that some configuration is missing so that the address /systems3 is the root of the project, it shouldn't be redirecting me outside of systems3.
It's also giving problem with my static folder, it also looks for the folder at /static, ignoring that it was supposed to look inside systems3.
I have build a flask API.
When using it in dev environment like this : http://www.apiexample.com:5000, it works.
But once I set up prod environment using Nginx, Gunicorn with a trusted SSL certificate (and thus port 443), I can't do POST, PUT or DELETE request anymore, I can do only GET request.
Here is what is shown when I try to send any form.
Is it a matter of certificate or nginx/gunicorn server setup?
I found and fix the issue.
In fact, during redirects my flask application was losing the https and redirect to http instead, cause it was not getting X-Forwarded headers from ngninx.
Here is what I added to my nginx configuration :
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
I know the this question is asked multiple times and not related to aws.
2020/07/29 10:23:17 [error] 6#6: *37749 connect() failed (113: Host is unreachable) while connecting to upstream, client:
I am facing this issue while I have deployed nginx in aws cloud.
localtion configuration
location /test {
proxy_pass http://test-service;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
Upstream section like below
upstream test-service {
server test-service.internal:38102;
keepalive 10;
}
Here test-service.internal is my route53 hosted zone entry and it is pointing to some internal application load balancer of aws.
When I deploy/restart nginx server, it works well but after few days (around two/three days) it will hang in proxy pass only. When I load html content, it works perfectly but proxy pass call stuck.
Any solution would be helpful?
Thanks.
After long debugging, we found that nginx will cache test-service.internal ips. And aws will chang it's internal load balancer's ips.
So nginx cached ips are no more exist. so we need to provide new ips.
Solution:
nginx has provided resolver directive
location /test {
resolver 10.0.0.2 127.0.0.1 valid=30s;
set $backend_servers test-service.internal;
proxy_pass http://$backend_servers:38102;
#proxy_pass http://test-service;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
We have changed two things.
Added resolver.
Removed upstream (resolver is not supported in nginx. nginx-plus support the upstream with resolver)
resolver 10.0.0.2 127.0.0.1 valid=30s;
set $backend_servers test-service.internal;
proxy_pass http://$backend_servers:38102;
Now we are using aws dns server 10.0.0.2 to resolve test-service.internal after every 30s
I was trying to deploy a Django web app to Digital Ocean following this gist. It is written based on a tutorial from digital ocean themselves. Everything seem to be working perfectly fine until it's time to setup Nginx.
I follow it exactly every time and it always sends me a 502 Bad Gateway message.
server {
listen 80;
server_name your_droplet_ip:8000 www.your_droplet_ip:8000;
root /var/www/html;
location / {
proxy_pass http://your_droplet_ip:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
}
try this and after run service nginx restart
I have setup the reverse proxy for the aws elastic search endpoint on a server on port 9200. I am trying to access kibana on that particular server with /kibana URI. But I am getting below error.
Kibana did not load properly. Check the server output for more information.
Nginx Code:
For ElasticSearch:
server {
listen 9002;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass https://search.us-west-2.es.amazonaws.com;
}
}
For Kibana
location /kibana/ {
proxy_set_header Host https://search-es.us-west-2.es.amazonaws.com/_plugin/kibana/;
proxy_set_header X-Real-IP 34.214.177.249;
proxy_pass https://search-es.us-west-2.es.amazonaws.com/_plugin/kibana/;
proxy_redirect https://search-es.us-west-2.es.amazonaws.com/_plugin/kibana/ http://ab.cd.ef.g/kibana/;
}
For My App:
location / {
proxy_redirect off;
proxy_pass http://127.0.0.1:3054;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
I am also getting a lot of below console error.
Failed to load resource: the server responded with a status of 502 (Bad Gateway).
http://ab.cd.ef.g//_plugin/kibana/ui/favicons/favicon.ico
Any hint would be appreciated.
Nginx reverse proxy setup for Kibana:
I am using Kibana 7.5 version I have faced this issue with Nginx. I have added configuration for following entries in the Nginx configuration file. It is fixed.
/app|/translations|/node_modules|/built_assets/|/bundles|/es_admin|/plugins|/api|/ui|/elasticsearch|/spaces/enter
You need to set server.basePath to /kibana
Enables you to specify a path to mount Kibana at if you are running
behind a proxy. This only affects the URLs generated by Kibana, your
proxy is expected to remove the basePath value before forwarding
requests to Kibana. This setting cannot end in a slash (/).