LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] Redirects http to https

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] Redirects http to https
From: Brian <ba221400@xxxxxxxxx>
Date: Sat, 20 Jul 2013 11:03:15 -0400
I'm trying to redirect all http traffic to https. I am using nginx and LVS
with http now without any issues.

Using a standard nginx 301 redirect results in LVS setting my real server's
weight to 0. Here is the configuration:

nginx.conf:
server {
    listen      80;
    server_name example.com;
    return 301 https://example.com$request_uri;
}

server {
        listen       443;
        ssl on;
        ssl_certificate         server.crt;
        ssl_certificate_key     server.key;
        server_name  example.com;

# more here

}

ldirectord.cf:
virtual=VIP:80
        fallback=127.0.0.1:80
        real=10.0.0.7:80 masq 5
        real=10.0.0.8:80 masq 5
        service=http
        request="lvs.htm"
        receive="lvs"
        virtualhost=example.com
        scheduler=wlc
        protocol=tcp
        checktype=negotiate

virtual=VIP:443
        fallback=127.0.0.1:443
        real=10.0.0.7:443 masq 5
        real=10.0.0.8:443 masq 5
        service=https
        request="lvs.htm"
        receive="lvs"
        virtualhost=example.com
        scheduler=wlc
        protocol=tcp
        checktype=negotiate


I next tried pointing VIP:80 traffic to RIP:443 which does work to get the
RIP servers enabled by LVS, but I then get a 400 "The plain HTTP request
was sent to HTTPS port" error from nginx when hitting the site.

ldirectord.cf:
virtual=VIP:80
        fallback=127.0.0.1:443
        real=10.0.0.7:443 masq 5
        real=10.0.0.8:443 masq 5
        service=http
        request="lvs.htm"
        receive="lvs"
        virtualhost=example.com
        scheduler=wlc
        protocol=tcp
        checktype=negotiate


Does LVS not follow 301 redirects? How can I get my http traffic on 80
always routed to https on 443 with LVS?


Thanks,
Brian
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>