Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
emashev2019-10-24 18:19:29
Nginx
emashev, 2019-10-24 18:19:29

How to setup kong behind nginx proxy?

I'm using Kong API Gateway running in a docker container.
If you execute the request directly from the docker host, then everything is OK - a test page is returned.

[email protected]:~# curl -i -X GET --url http://prod-s-swarm01:8000 --header 'Host: example.com' --header 'apikey: auth-key-maks'

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 24 Oct 2019 11:16:10 GMT
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
X-RateLimit-Remaining-hour: 4
X-RateLimit-Limit-second: 2
X-RateLimit-Remaining-second: 1
X-RateLimit-Limit-hour: 5
X-Kong-Upstream-Latency: 25
X-Kong-Proxy-Latency: 139
Via: kong/1.3.0

<!DOCTYPE html>
<html lang="ru">
<head>
.......

But if you request through nginx proxy (ssl termination occurs on it), then it generally gives the left answer.
[email protected]:~# curl -i -X GET --url https://kong.myserver.com --header 'Host: example.com' --header 'apikey: auth-key-maks'
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Oct 2019 11:14:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 97
Connection: keep-alive
X-Powered-By: Express
ETag: W/"61-Mn0BCF+92vC7dF087oyDAFsiE"

{"Status":"ERROR","Error":"Bad authorize","ErrorDesc":"Не верная авторизация"}

Although this is generally a different subdomain, and besides, it’s not default.
UPD: As it turned out, default, that is, all requests in the headers of which a different Host is specified are proxied to default_server.
Here is the nginx config
server {

listen  443 ssl;
server_name kong.myserver.com;
ssl_certificate   /etc/letsencrypt/live/appgw/fullchain.pem;
ssl_certificate_key   /etc/letsencrypt/live/appgw/privkey.pem;

location / {
     proxy_pass      http://prod-s-swarm01:8000;
     proxy_set_header   Host    $host;
}
}

I tried using $http_host - didn't help either.
Request with custom Hosts comes to nginx in default_server.
At the same time, if you remove --header Hosts in the curl request, then the request for the desired domain goes away and an entry appears in the access.log.
What can be a jamb? I don't want to change default_server because of one subdomain.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
E
emashev, 2019-10-24
@emashev

I found a solution by reading the doc on the Hosts headers, in general, either set the default_server on this subdomain, or set the server_name also to those domains that will be processed through api gw.

Similar questions
S
Silverviql2018-07-22 15:25:45
Text is displayed instead of yii2 website page on ubuntu 16.04, how to fix? 2Reply
S
Silverviql2018-07-23 09:14:01
When starting a site on nginx, yii kernel errors fall out, what could be the problem? 2Reply
B
borodka_lenina2016-03-04 15:49:24
Why doesn't nginx start when the server is rebooted? 2Reply
L
lsla2016-03-05 15:29:41
Why does the site freeze during a long cUrl request? Is Nginx+Apache+PHP on the server? 3Reply
O
OKNOZA2016-03-05 17:40:46
How to properly serve content through Nginx? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question