LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] Redirects http to https

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [lvs-users] Redirects http to https
From: Dennis Jacobfeuerborn <dennisml@xxxxxxxxxxxx>
Date: Wed, 24 Jul 2013 13:00:35 +0200
Have you checked that when you enable the redirect that "lvs.htm" can 
still be reached from the directors system using both port 80 and 443?
It looks like you real servers get disabled because the health check 
stops working porperly due to the redirect.

Regards,
   Dennis

On 20.07.2013 17:03, Brian wrote:
> I'm trying to redirect all http traffic to https. I am using nginx and LVS
> with http now without any issues.
>
> Using a standard nginx 301 redirect results in LVS setting my real server's
> weight to 0. Here is the configuration:
>
> nginx.conf:
> server {
>      listen      80;
>      server_name example.com;
>      return 301 https://example.com$request_uri;
> }
>
> server {
>          listen       443;
>          ssl on;
>          ssl_certificate         server.crt;
>          ssl_certificate_key     server.key;
>          server_name  example.com;
>
> # more here
>
> }
>
> ldirectord.cf:
> virtual=VIP:80
>          fallback=127.0.0.1:80
>          real=10.0.0.7:80 masq 5
>          real=10.0.0.8:80 masq 5
>          service=http
>          request="lvs.htm"
>          receive="lvs"
>          virtualhost=example.com
>          scheduler=wlc
>          protocol=tcp
>          checktype=negotiate
>
> virtual=VIP:443
>          fallback=127.0.0.1:443
>          real=10.0.0.7:443 masq 5
>          real=10.0.0.8:443 masq 5
>          service=https
>          request="lvs.htm"
>          receive="lvs"
>          virtualhost=example.com
>          scheduler=wlc
>          protocol=tcp
>          checktype=negotiate
>
>
> I next tried pointing VIP:80 traffic to RIP:443 which does work to get the
> RIP servers enabled by LVS, but I then get a 400 "The plain HTTP request
> was sent to HTTPS port" error from nginx when hitting the site.
>
> ldirectord.cf:
> virtual=VIP:80
>          fallback=127.0.0.1:443
>          real=10.0.0.7:443 masq 5
>          real=10.0.0.8:443 masq 5
>          service=http
>          request="lvs.htm"
>          receive="lvs"
>          virtualhost=example.com
>          scheduler=wlc
>          protocol=tcp
>          checktype=negotiate
>
>
> Does LVS not follow 301 redirects? How can I get my http traffic on 80
> always routed to https on 443 with LVS?
>
>
> Thanks,
> Brian
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>