balogan
January 2, 2020, 3:59pm
1
ECE 2.4.3
I can get to Kibana using the endpoint prepended to the domain name like this:https://708 ....vcp-ecelab-log.mon.vzwops.com
But we want a more user friendly url like this:https://vcp-ecelab-log.mon.vzwops.com/kibana
Here's the result:
Haproxy setup:vcp-ecelab-log.mon.vzwops.com } { path_beg -i /kibana } or { path_beg -i /kibana/ }
Backend:
server ecelab-log-1 708.....eceproxylab-1-southlake.mon.vzwops.com:9200 check verify none
I've tried different combinations of the following on the frontend with no luck:#acl ece_kibana path_beg -i /kibana#redirect location 708.....eceproxylab-1-southlake.mon.vzwops.com append-slash code 301 if ece_kibana#acl ece_kibana { hdr(host) -i vcp-ecelab-log.mon.vzwops.com } { path_beg -i /kibana } or { path_beg -i /kibana/ }#http-request set-var(req.kibana_endpoint) req.hdr(host),lower,regsub(.vcp-ecelab-log.mon.vzwops.com$,) if { hdr(host) -i vcp-ecelab-log.mon.vzwops.com } { path_beg -i /kibana }#http-request set-path /%[var(req.rewrite_kibendpoint)]%[path] if { var(req.rewrite_kibendpoint) -m found }#http-request set-header Host vcp-ecelab-log.mon.vzwops.com if { var(req.rewrite_kibendpoint) -m found }#http-request redirect location 708.....eceproxylab-1-southlake.mon.vzwops.com if ece_kibana#http-request redirect code 301 location http://%[url,regsub(^/,/708....,)].%[hdr(host)] if ece_kibana#use_backend be_ecelab_log ece_kibana#redirect prefix 708.....eceproxylab-1-southlake.mon.vzwops.com code 301 if { hdr(host) -i vcp-ecelab-log.mon.vzwops.com }
Hi @balogan
We're working on built-in support for "vanity URLs" aka "cluster aliases" aka "user friendly URLs" at the moment (no ETA though), in the meantime, you should get haproxy to inject the header X-Found-Cluster: 708...4e (full id, not the rest of the URL, I shortened for security)
eg
http-request add-header X-Found-Cluster ā708...4eā
balogan
January 2, 2020, 7:29pm
3
Thanks for the quick response.
I made the change and can access through curl on the load balancers, but I'm getting a 503 with a web browser.
< HTTP/1.1 302 Found
My guess would be that one of the rules in your haproxy is misfiring
Can you get haproxy to log what it's doing exactly (and specifically what it is converting the "input" URL to?)
Or probably if you look in one of the log files in /mnt/data/:id/services/proxy/logs/ it will give some more info
(If you go to the network debugger for the browser and "copy as curl", and then try that curl, I would guess you'll reproduce the error)
balogan
January 3, 2020, 3:29pm
5
I got it to work by removing /kibana from the haproxy rules. I could see the initial get going through in the browser network debugger, but the login response is where it failed.
We'll see if my manager is happy removing /kibana. He's on PTO today.
Thanks for the help.
Rob_wylde
January 6, 2020, 7:26pm
6
HAProxy is good and all but below is how i do it with nginx.
upstream ece_proxies {
zone ece_proxies 64K;
server 10.1.1.100:9243;
server 10.1.1.101:9243;
server 10.1.1.102:9243;
}
#Testing Instance
server {
listen 9200 ssl;
listen 443 ssl; # 'ssl' parameter tells NGINX to decrypt the traffic
server_name myhouse-es.domain.net;
ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem; # The certificate file
ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem; # The private key file
location / {
proxy_pass https://ece_proxies;
proxy_http_version 1.1;
proxy_set_header Host e71625acb09b4befbb40bf03cb3e0d86.domain.net;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Connection "";
}
}
The above terminated a Lets Encrypted wildcard cert and hands the connections off to the ECE proxies correctly and without and issues.
1 Like
(Setting Host with the full cluster id as a prefix is the alternative to setting X-Found-Cluster, which to use is just a matter of preference)
system
January 20, 2020, 7:40pm
8
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
