upstream app_server {
server unix: server1
}
upstream app_server_new {
server unix: server2
}
server {
location ^~ /about {
proxy_pass http://app_server_new
}
location #app {
proxy_pass http://app_server
}
}
So when the user hits /about, the server redirects to upstream app_server_new.
Now I have a development.log file for puma. But that doesn't tell to which upstream the redirect went. Is there any way by which I can know if the redirect actually works, like keeping a log about hits to that upstream?
You can define custom log for that.
Use the fields of your choice:
log_format upstream '$remote_addr - $upstream_addr - $request - $upstream_response_time - $request_time';
Then use it in the context specific to your needs:
access_log /var/log/nginx/upstream.log upstream;
More information can be found there:
http://nginx.org/en/docs/http/ngx_http_log_module.html
http://nginx.org/en/docs/http/ngx_http_upstream_module.html
Related
I have an nginx config that looks similar to this (simplified):
http {
server {
listen 80 default_server;
location /api {
proxy_pass https://my-bff.azurewebsites.net;
proxy_ssl_server_name on;
}
}
}
Essentially, I have a reverse proxy to an API endpoint that uses https.
Now, I would like to convert this to an upstream group to gain access to keepalive and other features. So I tried this:
http {
upstream bff-app {
server my-bff.azurewebsites.net:443;
}
server {
listen 80 default_server;
location /api {
proxy_pass https:/bff-app;
proxy_ssl_server_name on;
}
}
}
Yet it doesn't work. Clearly I'm missing something.
In summary, how do I correctly do this "conversion" i.e. from url to defined upstream?
I have tried switching between http instead of https in the proxy_pass directive, but that didn't work either.
I was honestly expecting this to be a simple replacement. One upstream for another, but I'm doing something wrong it seems.
Richard Smith pointed me in the right direction.
Essentially, the issue was that the host header was being set to "bff-app" instead of "my-bff.azurewebsites.net" and this caused the remote server to close the connection.
Fixed by specifying header manually like below:
http {
upstream bff-app {
server my-bff.azurewebsites.net:443;
}
server {
listen 80 default_server;
location /api {
proxy_pass https:/bff-app;
proxy_ssl_server_name on;
# Manually set Host header to "my-bff.azurewebsites.net",
# otherwise it will default to "bff-app".
proxy_set_header Host my-bff.azurewebsites.net;
}
}
}
Is it possible?
I want know how would be work this config.
Is it Ok or not and why?
upstream one_proxy {
ip_hash;
server unix:/var/run/websocket-proxy.20000.sock max_fails=0;
server unix:/var/run/websocket-proxy.20001.sock max_fails=0;
}
upstream two_proxy {
ip_hash;
server 1.2.3.4:1234;
}
server {
server_name domain_name;
listen 0.0.0.0:80;
access_log off;
location / {
proxy_pass http://one_proxy;
}
}
server {
listen 127.0.0.1:20003;
access_log off;
location / {
proxy_pass http://two_proxy;
}
}
Definitely config not complete but I think it look like good.
I didn't find examples with two reverse proxy on one nginx and I doubt.
If you have experience share it please )
Don't you know nginx -t -c conf/your-custom-nginx.conf command could test the configuration
Why is nginx is nginx placing the upstream name in the redirected URL?
This is my nginx.conf:
worker_processes 1;
events {
worker_connections 1024;
}
http {
upstream servs {
server facebook.com;
}
server {
listen 80;
location / {
proxy_pass http://servs;
}
}
}
When I access the port 80, I get:
This site can’t be reached
servs.facebook.com’s server DNS address could not be found.
Why is it placing "servs." before facebook.com?
You are not setting the Host header in the upstream request, so nginx constructs a value from the proxy_pass directive. As you are using an upstream block, this value is the name of the upstream block, rather than the name of the server you are trying to access.
If you are using an upstream block, it may be advisable to set the Host header explicitly:
proxy_set_header Host example.com;
See this document for more.
In my nginx.conf, I add the following code to deny the illegal request:
server {
...
## Deny illegal Host headers
if ($host !~* ^(www.mydomain.com|xxx.xxx.xxx.xxx)$) {
return 444;
}
...
}
But this request info always be written in access log, which is monitor request I think because they are so many and from two unsafe site and just HEAD request.
So how to stop logging these illegal request info to access log?
Thanks.
You should use separate server blocks
server {
listen 80;
# valid host names
server_name www.example.com;
server_name xx.xx.xx.xx;
# you site goes here
}
# requests with all other hostnames will be caught by this server block
server {
listen 80 default_server;
access_log off;
return 444;
}
That would be simple and efficient
So shamed to find that nginx(1.7.0 and later) log moudle has provided conditional logging, and the document example is just the status condition:
The if parameter (1.7.0) enables conditional logging. A request will not be logged if the condition evaluates to “0” or an empty string. In the following example, the requests with response codes 2xx and 3xx will not be logged:
map $status $loggable {
~^[23] 0;
default 1;
}
access_log /path/to/access.log combined if=$loggable;
Also answer Disable logging in nginx for specific request has mentioned this info. I just neglected it.
Now I add the following code to nginx log settings:
map $status $loggable {
~444 0;
default 1;
}
access_log /var/log/nginx/access.log combined if=$loggable;
the illegal host headers request has not been logged.
I done congfiguration in nginx for redirection and it works successfully.
But in that i want load balancing :-
for that i already create load-balancer.conf as well as give server name into that file like :-
upstream backend {
# ip_hash;
server 1.2.3.4;
server 5.6.7.8;
}
server {
listen 80;
location / {
proxy_pass http://backend;
}
}
In both instances i did same configuration
and it default uses round-robin algorithm so in that request transfer via one pc to another pc.....
but it were not working
can any one suggest me anything that secong request going to another server 5.6.7.8
so i can check load balancing.
Thankyou so much.
Create a log file for upstream to check request is going to which server
http {
log_format upstreamlog '$server_name to: $upstream_addr {$request} '
'upstream_response_time $upstream_response_time'
' request_time $request_time';
upstream backend {
# ip_hash;
server 1.2.3.4;
server 5.6.7.8;
}
server {
listen 80;
access_log /var/log/nginx/nginx-access.log upstreamlog;
location / {
proxy_pass http://backend;
}
}
and then check your log file
sudo cat /var/log/nginx/nginx-access.log;
you will see log like
to: 5.6.7.8:80 {GET /sites/default/files/abc.png HTTP/1.1} upstream_response_time 0.171 request_time 0.171