Welcome! Log In Create A New Profile

Re: Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container

Forum List Message List New Topic Print View

Francis Daly

June 01, 2021 02:56AM

On Sat, May 29, 2021 at 07:11:38PM +0530, Amila Gunathilaka wrote:

Hi there,

It sounds like you have the main part solved by changing the "health
check" request to be one that your port-9091 upstream is able to handle,
which is good.

> >As I understand it, the load balancer is making the request "OPTIONS /"
> >to nginx, and nginx is responding with a http 405, and you don't want
> >nginx to do that.
>
> >What response do you want nginx to give to the request?
>
> Yes you are absolutely right I wanted nginx to stop that 405 response and
> give the success response 200 or even 401 which I can confirm my proxy pass
> and basic auth is working.

After you decide what response you want nginx to give to the request,
you can configure nginx to do that.

In this case, if you want nginx to give a 401 if no valid credentials are
provided, then you want something like auth_basic; if you want nginx to
give a 200 if no valid credentials are provided, then you must not have
something like auth_basic.

> Also I think that 405 response is coming *from nginx itself *to the
> external load balancer because external load balancer directly
> communicating with the nginx (80) and also my upstream server (9091 port
> server) is not a webapp it's just a binary file running inside docker
> container.

From nginx's point of view, it does not matter what the upstream/back-end
service is; it matters that it responds correctly to http requests.

When I use a similar configuration to yours, I see the OPTIONS request
being sent to the upstream and getting a 405 from there.

> Anyway I thought to fix the OPTIONS method fix on the external load
> balancer itself , and I logged in to my external load balancer configs
> page and I changed the HTTP health checks using OPTIONS into *GET *
> method.
> ANd yeah now 405 error gone. But now I'm getting 401 responses , which
> should be the correct response since I'm using a basic auth in my
> nginx.conf file. Below is my nginx.conf FYI

Good stuff.

This says that, for any request starting with /metrics, nginx should
check for valid credentials or return 401; and then pass the request to
the upstream and return whatever it returns.

> location /metrics {
> proxy_pass http://127.0.0.1:9091/metrics;

One small thing: because the end of the "proxy_pass" directive is
exactly equal to the full "location" value, you could omit it from the
"proxy_pass"; that is, you could instead use

proxy_pass http://127.0.0.1:9091;

but when what you have works, it works.

Cheers,

f
--
Francis Daly francis@daoine.org
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container	Amila Gunathilaka	May 17, 2021 10:00PM
Re: Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container	Francis Daly	May 19, 2021 04:28AM
Re: Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container	amiladevops	May 29, 2021 09:42AM
Re: Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container	Francis Daly	June 01, 2021 02:56AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 215

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018