LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] Redirects http to https

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] Redirects http to https
From: Brian <ba221400@xxxxxxxxx>
Date: Tue, 23 Jul 2013 23:36:41 -0400
Thanks Samy. I am not sure what you mean though--I'm not doing anything
specific to ldirectord with the 301. I'm simply doing a redirect with my
web server to send http to https.

I'm still stuck on this one. Does anyone have experience routing their http
traffic to https with lvs?


On Mon, Jul 22, 2013 at 4:18 AM, Samy Ascha <samy@xxxxxx> wrote:

> Brian,
>
> Don't know the finer details, but I recon LVS would not take the time to
> follow redirects, and maybe it doesn't even make sense to do so.
>
> I think you should just alter your ldirectord check to make sure it
> returns HTTP 200 when your web server is up, not 301.
>
> Kind regards,
> Samy Ascha
>
>
> On Jul 20, 2013, at 5:03 PM, Brian <ba221400@xxxxxxxxx> wrote:
>
> > I'm trying to redirect all http traffic to https. I am using nginx and
> LVS
> > with http now without any issues.
> >
> > Using a standard nginx 301 redirect results in LVS setting my real
> server's
> > weight to 0. Here is the configuration:
> >
> > nginx.conf:
> > server {
> >    listen      80;
> >    server_name example.com;
> >    return 301 https://example.com$request_uri;
> > }
> >
> > server {
> >        listen       443;
> >        ssl on;
> >        ssl_certificate         server.crt;
> >        ssl_certificate_key     server.key;
> >        server_name  example.com;
> >
> > # more here
> >
> > }
> >
> > ldirectord.cf:
> > virtual=VIP:80
> >        fallback=127.0.0.1:80
> >        real=10.0.0.7:80 masq 5
> >        real=10.0.0.8:80 masq 5
> >        service=http
> >        request="lvs.htm"
> >        receive="lvs"
> >        virtualhost=example.com
> >        scheduler=wlc
> >        protocol=tcp
> >        checktype=negotiate
> >
> > virtual=VIP:443
> >        fallback=127.0.0.1:443
> >        real=10.0.0.7:443 masq 5
> >        real=10.0.0.8:443 masq 5
> >        service=https
> >        request="lvs.htm"
> >        receive="lvs"
> >        virtualhost=example.com
> >        scheduler=wlc
> >        protocol=tcp
> >        checktype=negotiate
> >
> >
> > I next tried pointing VIP:80 traffic to RIP:443 which does work to get
> the
> > RIP servers enabled by LVS, but I then get a 400 "The plain HTTP request
> > was sent to HTTPS port" error from nginx when hitting the site.
> >
> > ldirectord.cf:
> > virtual=VIP:80
> >        fallback=127.0.0.1:443
> >        real=10.0.0.7:443 masq 5
> >        real=10.0.0.8:443 masq 5
> >        service=http
> >        request="lvs.htm"
> >        receive="lvs"
> >        virtualhost=example.com
> >        scheduler=wlc
> >        protocol=tcp
> >        checktype=negotiate
> >
> >
> > Does LVS not follow 301 redirects? How can I get my http traffic on 80
> > always routed to https on 443 with LVS?
> >
> >
> > Thanks,
> > Brian
> > _______________________________________________
> > Please read the documentation before posting - it's available at:
> > http://www.linuxvirtualserver.org/
> >
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>