I'm trying to configure nginx routing to be able to use both a rest server (using Java Spark) and Websockets (using Netty-socketIO).
It works really well locally, but cannot get it to work on aws elasticbeanstalk.
I have Java Spark listening on port 5000, which is the default from http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/java-se-platform.html
By default, Elastic Beanstalk configures the nginx proxy to forward requests to your application on port 5000
and that works.
I listen on port 9000 for the Websocket. I did change the ELB protocol to TCP.
And still from aws docs :
To extend Elastic Beanstalk's default nginx configuration, add .conf configuration files to a folder named .ebextensions/nginx/conf.d/ in your application source bundle. Elastic Beanstalk's nginx configuration includes .conf files in this folder automatically.
which I tried without much success :
server {
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
SocketIO-client connection string http://beanstalk-address-here.us-east-1.elasticbeanstalk.com:9000
In the Network tab, the request is (pending) for a time before failing.
One issue thats likely is that you don't have your ELB configured correctly to except connections on port 9000. You must configure security groups on the ELB correctly to allow connections on non-standard ports:
https://aws.amazon.com/premiumsupport/knowledge-center/elb-connectivity-troubleshooting/
Why do you use nginx if you still access your app through non-standard port
Nginx routing usually accepts all connection in one single port (usually 80/443) and based on the configuration path, it would redirect to any specific ip/port
You nginx config file should essentially have these
Nginx listen port
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
}
Redirection list
server{
....
location / {
proxy_pass http://<your-app-ip>:<your-app-port>;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Now restart nginx
Your app url is http://beanstalk-address-here.us-east-1.elasticbeanstalk.com:9000
Your redirected url is http://beanstalk-address-here.us-east-1.elasticbeanstalk.com (nginx will listen to port 80 and redirect to your app port)
Related
I created an Act.Framework scheduler application (java) that process csv files from ftp server. Everything works well in my local environment on Windows 10. How do I deploy the application to the Dev and Test environments running on Linux servers and have existing applications on weblogic application servers?
I've come accross this doc: http://actframework.org/doc/reference/configuration.md but it doesn't give guidelines or steps on how to do this
ActFramework is a non-servlet Web application framework. It doesn't deploy to any Servet applicaiton servers, including Tomcat, Jetty and WebLogic.
To deploy your actframework application, do:
mvn clean package
And then
scp target/dist/*.gz $username#$remoteHost:
Then you can ssh into your remote host and do
tar xzf *.gz
Finally you need to run the app by
cd $proj
./start
Normally you should also setup your front-end http server, e.g. nginx to proxy the request to your application
Update
With regarding to set up frontend HTTP server, here is an example of nginx configuration file:
server {
listen 80;
server_name api-sit.mb.thinking.studio;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name api.myapp.com;
client_max_body_size 11m;
ssl_certificate /etc/letsencrypt/live/myapp.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem;
location / {
proxy_pass http://localhost:5460;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
add_header X-App-Version $upstream_http_server;
}
}
The above configuration made assumption that:
Your domain name is api.myapp.com
Your act app is listening to port 5460
You have SSL certificate setup and installed in
/etc/letsencrypt/live/myapp.com/ dir
I have a java (spring) application running on Tomcat that needs to consume data from a Postgres DB that is proxied by a NGINX. Postgress doesn't use SSL and the connection from the java app to the NGINX should be over SSL.
Is there a way to do that ?
Go to this address : /etc/nginx/sites-available
create api.postgres.com file
server {
listen 80;
listen [::]:80;
server_name api.postgres.com;
location / {
proxy_pass http://127.0.0.1:5432;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
This should route the request towards running instance of postgres that will be running on port 5432.
Make sure your domain api.postgres.com must point to your server on which your database is installed.
I never did that, but I think this should work.
Thanks.
I have a wordpress application deployed on an Apache server running on port 80 and I also have a java web application deployed on a Tomact server running on port 443.
So basically I have:
http ://mysite.com (Apache)
https: //mysite.com/application (Tomcat)
Now I need to start using my SSL certificate for my website. I know that these processes cannot share the same port. Is there a way to keep both urls without adding an extra port? So both can be accessed via:
https ://mysite.com (Apache)
https ://mysite.com/application (Tomcat)
I'm basing this answer on my configuration with Apache in the front of a Tomcat instance. I don't have your exact configuration but I believe the following should work.
I have an SSL configuration which is where things get forwarded to Tomcat.
I've modified it to be what I think you need:
<VirtualHost _default_:443>
ServerName www.example.com
ProxyPreserveHost on
ProxyPass /application http://localhost:8080/application
ProxyTimeout 360
# rest of the ssl configuration
</VirtualHost>
This should forward everything under /application to Tomcat and keep the rest being served by Apache. Note that this assumes that you have the proxy (a.k.a. mod_proxy) module enabled for your server.
An easy way of doing this is to mount an Nginx server and manage the redirection according to the URL hit:
server {
listen 80;
server_name *.domain.me;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name *.domain.me;
ssl_certificate /path/to/crt;
ssl_certificate_key /path/to/key;
location / {
proxy_pass http://destinationIp:destinationPort;
proxy_set_header Host $host;
}
}
I need to mock certain http service running on different ports and IP address on linux system.
I have used embedded jetty server to mock http services locally on my system.
The problem statement I am having is:
http request from my system to specific Ip and port should be redirected to embedded jetty servers running on my local system
Example:
Request to http://10.10.10.10:8443 ----should be redirected to ---> http://localhost:8443
one way of achieving this by adding entry in /etc/hosts file
10.10.10.10 localhost
But I can't change my system's /etc/hosts file , is there any other way to achieve this programmatic.
Thanks in advance.
You put a nginx on the machine and listen on the 8443 or even port 80 and proxy your connection to the localhost.
server {
# listen on port 80
listen 80;
listen 443 ssl;
# for requests to these domains
server_name 10.10.10.10;
# keep logs in these files
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# SSL Certificate
ssl_certificate /etc/nginx/ssl/certs/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
# You need this to allow users to upload large files
# See http://wiki.nginx.org/HttpCoreModule#client_max_body_size
# I\'m not sure where it goes, so I put it in twice. It works.
client_max_body_size 0;
location / {
proxy_pass http://localhost:8443;
proxy_redirect off;
proxy_read_timeout 5m;
# make sure these HTTP headers are set properly
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
I'm having a distributed application with different modules running on different tomcats ports.
For example login service (CAS) is running on 8080 tomcat port, Reporting service of application is running on another tomcat say 8081 port. Main application is itself running in side different tomcat say port 8083 and I have single domain for the application i.e. www.example.com.com.
I am really wondering how will I manage this using nginix and if user is getting logged in to application and tries to access module on other sever how will session be preserved.
In short how can I configure nginix for a distributed application i.e. application distributed over several servers.
below is the content on nginix file.
server {
listen 80;
server_name mysite.com;
charset utf-8;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
server_name mysite.com;
error_log /var/log/nginx/mysite-qa-error.log;
charset utf-8;
location ~ ^/cas/(.*)$ {
proxy_pass http://localhost:140;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
mysite application is running on 9001 tomcat port.
how will i redirect nginix to application from cas