Welcome! Log In Create A New Profile

Advanced

nginx load balance TLS elasticsearch

Previous Message Next Message
Forum List Message List New Topic Print View
borys_85
March 14, 2022 01:55PM
Hi
I'm a new on nginx configuration, I've tried today to up load balancer for my elasticsearch service instances
I don't know what's wrong?
"/docker-entrypoint.sh: Configuration complete; ready for start up
2022/03/14 17:46:54 [emerg] 1#1: "server" directive is not allowed here in /etc/nginx/nginx.conf:42
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:42
"

Below You can find my configuration:
docker compose:
version: "3.3"

services:
nginx_load_balancer:
image: nginx
volumes:
- /home/elasticsearch/kickstart_elk_cluster/nginx_1.conf:/etc/nginx/nginx.conf
- /home/elasticsearch/certificates/es_coordination_3/es_coordination_3.crt:/etc/ssl/certs/coordination_3.crt
- /home/elasticsearch/certificates/es_coordination_3/es_coordination_3.key:/etc/ssl/certs/coordination_3.key
- /home/elasticsearch/certificates/es_coordination_2/es_coordination_2.crt:/etc/ssl/certs/coordination_2.crt
- /home/elasticsearch/certificates/es_coordination_2/es_coordination_2.key:/etc/ssl/certs/coordination_2.key
- /home/elasticsearch/certificates/es_coordination_1/es_coordination_1.key:/etc/ssl/certs/coordination_1.key
- /home/elasticsearch/certificates/es_coordination_1/es_coordination_1.key:/etc/ssl/certs/coordination_1.key
- /home/elasticsearch/certificates/ca/ca.crt:/etc/ssl/certs/ca.crt
ports:
- "9200:80"
networks:
- kickstartelkcluster_elastic
networks:
kickstartelkcluster_elastic:
external: true


=========
and nginx_1.conf

more nginx_1.conf
http {
#...
upstream elasticsearch_servers {
zone elasticsearch_servers 64K;
server 10.210.12.10:9201;
server 10.210.12.11:9238;
server 10.210.12.12:9219;
}

server {
listen 9200;
server_name 10.210.12.10;
#...

location /upstream {
proxy_pass https://elasticsearch_servers;
proxy_ssl_certificate /etc/nginx/coordination_1.crt;
proxy_ssl_certificate_key /etc/nginx/coordination_1.key;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_ciphers HIGH:!aNULL:!MD5;
proxy_ssl_trusted_certificate /etc/nginx/trusted_ca_cert.crt;

proxy_ssl_verify on;
proxy_ssl_verify_depth 2;
proxy_ssl_session_reuse on;
}
}

server {
listen 9201 ssl;
server_name 10.210.12.10;
ssl_certificate /etc/ssl/certs/coordination_1.crt;
ssl_certificate_key /etc/ssl/certs/coordination_1.key;
ssl_client_certificate /etc/ssl/certs/ca.crt;
ssl_verify_client optional;

location /yourapp {
proxy_pass http://10.210.12.10;
#...
}

server {
listen 9238 ssl;
server_name 10.210.12.11;
ssl_certificate /etc/ssl/certs/coordination_2.crt;
ssl_certificate_key /etc/ssl/certs/coordination_2.key;
ssl_client_certificate /etc/ssl/certs/ca.crt;
ssl_verify_client optional;

location /yourapp {
proxy_pass http://10.210.12.10;
#...
}
}
server {
listen 9219 ssl;
server_name 10.210.12.12;

ssl_certificate /etc/ssl/certs/coordination_3.crt;
ssl_certificate_key /etc/ssl/certs/coordination_3.key;
ssl_client_certificate /etc/ssl/certs/ca.crt;
ssl_verify_client optional;

location /yourapp {
proxy_pass http://10.210.12.10;
#...
}
}
}
Reply Quote
RSS
Subject Author Posted

nginx load balance TLS elasticsearch

borys_85 March 14, 2022 01:55PM

Re: nginx load balance TLS elasticsearch

borys_85 March 14, 2022 01:58PM

Re: nginx load balance TLS elasticsearch

borys_85 March 14, 2022 02:32PM

Re: nginx load balance TLS elasticsearch

Francis Daly March 14, 2022 02:40PM

Re: nginx load balance TLS elasticsearch

borys_85 March 14, 2022 03:15PM

Re: nginx load balance TLS elasticsearch

borys_85 March 14, 2022 03:55PM

Re: nginx load balance TLS elasticsearch

Francis Daly March 15, 2022 07:54PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 259
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready