Hi Magnusbaeck,
I am using apache with reverse proxy between two instances using balancer method. Here is my config.
Apache on web tier:
<VirtualHost *:443>
ServerName elk@xxx.com
ServerAdmin webmaster@localhost
Vhost docroot
DocumentRoot "/opt/kibana3/src"
Directories, there should at least be a declaration for /opt/kibana3/src
<Directory "/opt/kibana3/src">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
Load additional static includes
Logging
ErrorLog "/var/log/apache2/ssl_error.log"
ServerSignature Off
CustomLog "/var/log/apache2/ssl_access.log" "%h %D %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i""
Proxy rules
ProxyRequests Off
ProxyPass /es balancer://elk-prod-01-es/
<Location /es>
ProxyPassReverse balancer://elk-prod-01-es/
ProxyPass /_plugin/marvel balancer://elk-prod-01-es/_plugin/marvel
<Location /_plugin/marvel>
ProxyPassReverse balancer://elk-prod-01-es/_plugin/marvel
ProxyPass /_plugin/head balancer://elk-prod-01-es/_plugin/head
<Location /_plugin/head>
ProxyPassReverse balancer://elk-prod-01-es/_plugin/head
ProxyPass /_plugin/bigdesk balancer://elk-prod-01-es/_plugin/bigdesk
<Location /_plugin/bigdesk>
ProxyPassReverse balancer://elk-prod-01-es/_plugin/bigdesk
Redirect rules
Redirect /marvel /_plugin/marvel
Redirect /head /_plugin/head
Redirect /bigdesk /_plugin/bigdsek
SSL directives
SSLEngine on
SSLCertificateFile "/etc/ssl/certs/elk.crt"
SSLCertificateKeyFile "/etc/ssl/private/elk.key"
SSLCACertificatePath "/etc/ssl/certs"
SSLCACertificateFile "/etc/ssl/certs/ca-certificates.crt"
SSLProtocol All -SSLv2 -SSLv3
Custom fragment
Configure SSL
SSLProxyEngine On
#Disable gzip for apache
SetEnv no-gzip 1
And the app tier has a rule to a proxy pass
ProxyPass /kibana http://localhost:5601/kibana
ProxyPassReverse /kibana http://localhost:5601/kibana
And yes if i directly use app tier's IP with port 5601 port i can access it without any pain.
Thanks for the help !
Regards
Niraj