We have an API which will create a cluster and wait for the status until it creates and executes a query in database.
We tried this through Ingress and are getting timed-out.
And we have set in ingress rule as below:
nginx.ingress.kubernetes.io/configuration-snippet: |
location / {
proxy_set_header Connection "";
proxy_http_version 1.1;
}
Error:
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
If we set this it's creating under /data path which is our main API path, and it's not working as expected.
Is there any direct annotation to use server side events?
If we use the above snippet in ingress rule and get this error in controller logs.
Below error Error:
exit status 1
2020/06/26 04:57:22 [emerg] 132#132: location "/" is outside location "/data/" in /tmp/nginx-cfg140739857:11409
nginx: [emerg] location "/" is outside location "/data/" in /tmp/nginx-cfg140739857:11409
nginx: configuration file /tmp/nginx-cfg140739857 test failed.
As the doc suggests, you should never use / for hosting your data from. It should be somewhere in /data/*.
Some directories in any file system should never be used for hosting data from. These include / and root. You should never use these as your document root.
Doing this leaves you open to a request outside of your expected area returning private data.
NEVER DO THIS!!!
server {
root /;
location / {
}
}
Related
I'm running Joplin Server on my Raspi4 under http://127.0.0.1:23000 and on the Raspi I can successfully access the web app.
Since I don't want to publish the port 23000, I want Joplin Server to be accessible via https://myRaspi/joplinServer. Therefore I'm using Nginx.
I tried at first with:
location /joplinServer {
proxy_pass http://127.0.0.1:22300;
}
Now when calling https://myRaspi/joplinServer from any other machine, Nginx keeps the subresource /joplinServer, resulting in an "inner call" to http://127.0.0.1:22300/joplinServer - which does not exist, sure, because Joplin Server itself knows nothing about the subresource and seems to have troubles with handling it.
I also tried this:
location = /joplinServer {
rewrite ^/joplinServer?$ http://127.0.0.1:22300 break;
}
But now every external requests to https://myRaspi/joplinServer ends up as http://127.0.0.1:22300 on my machine which does obviously not work.
So what do I have to configure on Nginx to make my setting work?
Thanks in advance!
This post gave me the solution, which looks like this:
location /joplinServer/ {
proxy_redirect off;
rewrite ^/joplinServer/(.*)$ /$1 break;
proxy_pass http://127.0.0.1:22300;
}
I have a usecase where node exporter is running under reverse proxy. Here is the snippet of my current configuration:
location /node_exporter {
proxy_pass http://127.0.0.1:9100/metrics;
}
This is running fine, but I want to implement it without metrics subpath, for which I did this change:
location /node_exporter {
proxy_pass http://127.0.0.1:9100/;
}
It is opening the initial page of node exporter with metrics button, but when clicked on it, redirects to /metrics instead of /node_exporter/metrics which inturn gives 404.
Please suggest on how to use the rewrite rule for this usecase.
The following site configuration should be enough
location /node_exporter {
proxy_pass http://127.0.0.1:9100/;
}
as long the telemetry path is changed when starting the node_exporter
./node_exporter/node_exporter --web.telemetry-path="/node_exporter/metrics"
I am tryin to run nginx latest version with the following configuration, but I get nginx: [emerg] invalid parameter "route=bloomberg" in /etc/nginx/nginx.conf:13
docker run --rm -ti -v root_to_local_nginx_directory:/etc/nginx:ro -p 3080:80 --name=mynginx --entrypoint nginx nginx
# nginx.conf file inside root_to_local_nginx_directory
http {
map $cookie_route $route_from_cookie {
~.(?P<version>w+)$ $route;
}
split_clients "${remote_addr}" $random_route {
50% server bloomberg.com route=bloomberg;
* server yahoo.com route=yahoo;
}
upstream backend {
zone backend 64k;
server bloomberg.com route=bloomberg;
server yahoo.com route=yahoo;
sticky route $route_from_cookie $randomroute;
}
server {
# ...
listen 80;
location / {
proxy_set_header Host $host;
proxy_pass http://backend;
}
}
}
Why is this? According to the documentation this should be correct http://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream.
The route=string parameter of the server directive within the upstream context is considered to be an enterprise-grade feature, and is thus only available through the commercial subscription, in NGINX Plus, not in OSS NGINX. (If you look closer into the documentation, you'll notice it's grouped together with the other parameters under a separate "available as part of our commercial subscription" subsection.)
Additionally, you're also trying to use some similar "server" parameters within the split_clients context as if they were actual directives interpreted by nginx, even though everything is supposed to be string literals in that context; it's unclear whether or not that part is responsible for any errors, but even if not, it's a bad style to introduce such confusion into your configuration.
References:
http://nginx.org/en/docs/http/ngx_http_upstream_module.html#server
http://nginx.org/en/docs/http/ngx_http_split_clients_module.html#split_clients
https://www.nginx.com/products/nginx/
The reason why you are seeing the error is because the split_clients module does not support the route parameter. Alternatively, you can do something along the lines:
upstream bloomberg {
server bloomberg.com route=bloomberg;
}
upstream yahoo {
server yahoo.com route=yahoo;
}
split_clients "${remote_addr}" $random_route {
50% bloomberg;
* yahoo;
}
Say I'm accessing www.mywebsite.com.
This website fetches the following asset:
http://www.mywebsite.com/styles/app.css
I want to access the website exactly as I normally would, with one exception:
Whenever my browser makes a request to /styles/app.css, instead of fetching it from http://www.mywebsite.com, I want to fetch it from http://localhost:3000/mywebsite/.
So instead it should be fetching:
http://localhost:3000/mywebsite/styles/app.css
Is this possible with nginx?
I tried to do it using the following server config:
{
...
server {
listen 80;
server_name mywebsite.com;
location /styles/ {
proxy_pass http://localhost:3000/mywebsite/styles/;
}
}
But even after restarting nginx (sudo nginx -s quit, sudo nginx), nothing seems to have changed.
When I browse to www.mywebsite.com/styles/app.css, I still get the same old app.css being retrieved from the server, rather than my local one.
I am running a Rails 3 site on Ubuntu 8.04 with Nginx 1.0.0 and Passenger 3.0.7.
In my Nginx error.log I started seeing the message X-Accel-Mapping header missing quite a lot. Googling lead me to the docs of Rack::Sendfile and to the Nginx docs.
Now, my app can be accessed through several domains and I am using send_file in my app to deliver some files specific to the domain they are requested from, e.g., if you come to domain1.com/favicon.ico I look up the favicon in at public/websites/domain1/favicon.ico.
This works fine and I don't think I need/want to get Nginx involved and create some private area where I store those files, as the samples in the Rack::Sendfile docs suggest.
How can I get rid of the error message?
this message means that Rack::Sendfile disabled X-Accel-Redirect for you, because you have missing configuration for it in nginx.conf...
I'm using Nginx + Passenger 3 + Rails 3.1.
Gathered information from this pages I've figured it out:
http://wiki.nginx.org/X-accel
http://greenlegos.wordpress.com/2011/09/12/sending-files-with-nginx-x-accel-redirect
http://code.google.com/p/substruct/source/browse/trunk/gems/rack-1.1.0/lib/rack/sendfile.rb?r=355
Serving Large Files Through Nginx via Rails 2.3 Using x-sendfile
I have controller which maps /download/1 requests to storage files which have their own directory structure, like this: storage/00/00/1, storage/01/0f/15 etc. So I need to pass this through Rails, but then I need to use send_file method which will use X-Accel-Redirect to send the final file to the browser through nginx directly.
Within the code I have this:
send_file(
'/var/www/shared/storage/00/00/01',
:disposition => :inline,
:filename => #file.name # an absolute path to the file which you want to send
)
I replaced the filename for this example purposes
Now I had to add these lines to my nginx.conf:
server {
# ...
passenger_set_cgi_param HTTP_X_ACCEL_MAPPING /var/www/shared/storage/=/storage/;
passenger_pass_header X-Accel-Redirect;
location /storage {
root /var/www/shared;
internal;
}
# ...
}
The path /storage is not visible from outside world, it is internal only.
Rack::Sendfile gets the header X-Accel-Mapping, extracts the path from it and replaces /var/www/shared/storage with /storage.... Then it spits out the modified header:
X-Accel-Redirect: /storage/00/00/01
which is then processed by nginx.
I can see this works correctly as the file is downloaded 100x faster than before and no error is shown in the logs.
Hope this helps.
We used the similar technique as NoICE described, but i replaced the "hard-coded" directory containing all the files with the regular expression describing the folder containing the folders containing the files.
Sounds hard, yeah? Just take a look on these (/etc/nginx/sites-available/my.web.site):
location /assets/(.+-[a-z0-9]+\.\w+) {
root /home/user/my.web.site/public/assets/$1;
internal;
}
location /images/(.+)(\?.*)? {
root /home/user/my.web.site/public/images/$1;
internal;
}
This should be used with this check:
location / {
# ...
if (-f $request_filename) {
expires max;
break;
}
# ...
}
to prevent the statics from Rails processing.
I did by this manual
https://mattbrictson.com/accelerated-rails-downloads
my server sends file path /private_upload/file/123/myfile.txt, the file is in /data/myapp-data/private_upload/file/123/myfile.txt
# Allow NGINX to serve any file in /data/myapp-data/private_upload
# via a special internal-only location.
location /private_upload {
internal;
alias /data/myapp-data/private_upload;
}
# ---------- BACKEND ----------
location #backend
{
limit_req zone=backend_req_limit_per_ip burst=20 nodelay;
proxy_pass http://backend;
proxy_set_header X-Sendfile-Type X-Accel-Redirect;
proxy_set_header X-Accel-Mapping /=/; # this header is required, it does nothing
include /etc/nginx/templates/myapp_proxy.conf;
}