I have an Angular app and I am using the Angular APM Rum library. My APM server is behind an nginx reverse proxy. I'm getting CORS errors as per attached screenshot.
Kibana version:
7.11.0
Elasticsearch version:
7.11.0
APM Server version:
7.11.0
APM Agent language and version:
"@elastic/apm-rum-angular": "^1.1.10"
Browser version:
Chrome Version 89.0.4389.90
Original install method (e.g. download page, yum, deb, from source, etc.) and version:
My elastic stack is running in docker containers. So is the nginx proxy.
Fresh install or upgraded from other version?
Fresh
Is there anything special in your setup?
My APM server is behind an nginx reverse proxy.
Description of the problem including expected versus actual behavior. Please include screenshots (if relevant):
I'm getting CORS errors as per attached screenshot.
Docker-Compose:
logstash:
image: logstash:1.0
build:
context: logstash/
dockerfile: Dockerfile
ports:
- "5044:5044"
- "5000:5000/tcp"
- "5000:5000/udp"
- "9600:9600"
networks:
- innagoNetwork_dev
apm-server:
image: docker.elastic.co/apm/apm-server:7.11.0
depends_on:
elasticsearch:
condition: service_healthy
kibana:
condition: service_healthy
cap_add: ["CHOWN", "DAC_OVERRIDE", "SETGID", "SETUID"]
cap_drop: ["ALL"]
ports:
- 8200:8200
networks:
- innagoNetwork_dev
command: >
apm-server -e
-E apm-server.rum.enabled=true
-E setup.kibana.host=kibana:5601
-E setup.template.settings.index.number_of_replicas=0
-E apm-server.kibana.enabled=true
-E apm-server.kibana.host=kibana:5601
-E output.elasticsearch.hosts=["elasticsearch:9200"]
healthcheck:
interval: 10s
retries: 12
test: curl --write-out 'HTTP %{http_code}' --fail --silent --output /dev/null http://localhost:8200/
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.11.0
environment:
- bootstrap.memory_lock=true
- cluster.name=docker-cluster
- cluster.routing.allocation.disk.threshold_enabled=false
- discovery.type=single-node
- ES_JAVA_OPTS=-XX:UseAVX=2 -Xms1g -Xmx1g
ulimits:
memlock:
hard: -1
soft: -1
volumes:
- ../../../merlin_volumes/elasticsearch/data:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- innagoNetwork_dev
healthcheck:
interval: 20s
retries: 10
test: curl -s http://localhost:9200/_cluster/health | grep -vq '"status":"red"'
kibana:
image: docker.elastic.co/kibana/kibana:7.11.0
depends_on:
elasticsearch:
condition: service_healthy
environment:
ELASTICSEARCH_URL: http://elasticsearch:9200
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
ports:
- 5601:5601
networks:
- innagoNetwork_dev
healthcheck:
interval: 10s
retries: 20
test: curl --write-out 'HTTP %{http_code}' --fail --silent --output /dev/null http://localhost:5601/api/status
nginx config
APM Server stuff at the bottom.
server {
if ($host = socket.local.com) {
return 301 https://$host$request_uri;
}
if ($host = elk.local.com) {
return 301 https://$host$request_uri;
}
if ($host = apm.local.com) {
return 301 https://$host$request_uri;
}
listen 80;
client_max_body_size 150M;
server_name socket.local.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
client_max_body_size 150M;
server_name socket.local.com;
location / {
proxy_pass http://signalrhub:80;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
location signalr/ {
proxy_pass http://signalrhub:80;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
ssl on;
ssl_certificate /etc/nginx/certs/local.crt;
ssl_certificate_key /etc/nginx/certs/local.key;
}
server {
if ($host = innago.local.com) {
return 301 https://$host$request_uri;
}
listen 80;
client_max_body_size 150M;
server_name innago.local.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name innago.local.com;
client_max_body_size 150M;
location ^~ /landlord/lease-template {
alias /var/www/property-owner/lease-template;
index index.html index.htm;
try_files $uri$args $uri$args/ /property-owner/lease-template/index.html;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
location ^~ /Landlord {
alias /var/www/property-owner;
index index.html index.htm;
try_files $uri$args $uri$args/ /property-owner/index.html;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
location ^~ /Tenant {
alias /var/www/tenant;
index index.html index.htm;
try_files $uri$args $uri$args/ /tenant/index.html;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
location ^~ /Admin {
alias /var/www/admin;
index index.html index.htm;
try_files $uri$args $uri$args/ /admin/index.html;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
location / {
root /var/www/auth;
index index.html index.htm;
try_files $uri$args $uri$args/ /index.html;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
ssl on;
ssl_certificate /etc/nginx/certs/local.crt;
ssl_certificate_key /etc/nginx/certs/local.key;
}
server {
client_max_body_size 150M;
server_name elk.local.com;
location / {
proxy_pass http://logstash:80;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
ssl on;
ssl_certificate /etc/nginx/certs/local.crt;
ssl_certificate_key /etc/nginx/certs/local.key;
}
server{
listen 443 ssl http2;
ssl_certificate_key /etc/nginx/certs/local.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
client_max_body_size 150M;
server_name apigateway.local.com;
location / {
proxy_pass http://apigateway:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
proxy_http_version 1.1;
}
}
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/certs/local.crt;
ssl_certificate_key /etc/nginx/certs/local.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
client_max_body_size 150M;
server_name auth.local.com;
location / {
proxy_pass http://identityserver:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
proxy_http_version 1.1;
}
}
server {
client_max_body_size 150M;
server_name apm.local.com;
location / {
proxy_pass http://apm-server:8200;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection $http_connection;
}
ssl on;
ssl_certificate /etc/nginx/certs/local.crt;
ssl_certificate_key /etc/nginx/certs/local.key;
}
Errors in browser console (if relevant):
Provide logs and/or server output (if relevant):
Request details
OPTIONS
ERROR
