Re: [lvs-users] Redirects http to https

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] Redirects http to https
From:	Samy Ascha <samy@xxxxxx>
Date:	Mon, 22 Jul 2013 10:18:31 +0200

Brian,

Don't know the finer details, but I recon LVS would not take the time to follow 
redirects, and maybe it doesn't even make sense to do so.

I think you should just alter your ldirectord check to make sure it returns 
HTTP 200 when your web server is up, not 301.

Kind regards,
Samy Ascha
        

On Jul 20, 2013, at 5:03 PM, Brian <ba221400@xxxxxxxxx> wrote:

> I'm trying to redirect all http traffic to https. I am using nginx and LVS
> with http now without any issues.
> 
> Using a standard nginx 301 redirect results in LVS setting my real server's
> weight to 0. Here is the configuration:
> 
> nginx.conf:
> server {
>    listen      80;
>    server_name example.com;
>    return 301 https://example.com$request_uri;
> }
> 
> server {
>        listen       443;
>        ssl on;
>        ssl_certificate         server.crt;
>        ssl_certificate_key     server.key;
>        server_name  example.com;
> 
> # more here
> 
> }
> 
> ldirectord.cf:
> virtual=VIP:80
>        fallback=127.0.0.1:80
>        real=10.0.0.7:80 masq 5
>        real=10.0.0.8:80 masq 5
>        service=http
>        request="lvs.htm"
>        receive="lvs"
>        virtualhost=example.com
>        scheduler=wlc
>        protocol=tcp
>        checktype=negotiate
> 
> virtual=VIP:443
>        fallback=127.0.0.1:443
>        real=10.0.0.7:443 masq 5
>        real=10.0.0.8:443 masq 5
>        service=https
>        request="lvs.htm"
>        receive="lvs"
>        virtualhost=example.com
>        scheduler=wlc
>        protocol=tcp
>        checktype=negotiate
> 
> 
> I next tried pointing VIP:80 traffic to RIP:443 which does work to get the
> RIP servers enabled by LVS, but I then get a 400 "The plain HTTP request
> was sent to HTTPS port" error from nginx when hitting the site.
> 
> ldirectord.cf:
> virtual=VIP:80
>        fallback=127.0.0.1:443
>        real=10.0.0.7:443 masq 5
>        real=10.0.0.8:443 masq 5
>        service=http
>        request="lvs.htm"
>        receive="lvs"
>        virtualhost=example.com
>        scheduler=wlc
>        protocol=tcp
>        checktype=negotiate
> 
> 
> Does LVS not follow 301 redirects? How can I get my http traffic on 80
> always routed to https on 443 with LVS?
> 
> 
> Thanks,
> Brian
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> 
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] Redirects http to https, Brian Re: [lvs-users] Redirects http to https, Samy Ascha <= Re: [lvs-users] Redirects http to https, Brian Re: [lvs-users] Redirects http to https, Malcolm Turnbull Re: [lvs-users] Redirects http to https, Samy Ascha Re: [lvs-users] Redirects http to https, Anders Henke Re: [lvs-users] Redirects http to https, Dennis Jacobfeuerborn Re: [lvs-users] Redirects http to https, Brian

Previous by Date:	[lvs-users] Redirects http to https, Brian
Next by Date:	Re: [lvs-users] Redirects http to https, Brian
Previous by Thread:	[lvs-users] Redirects http to https, Brian
Next by Thread:	Re: [lvs-users] Redirects http to https, Brian
Indexes:	[Date] [Thread] [Top] [All Lists]