Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
emashev2019-10-24 18:19:29
Nginx
emashev, 2019-10-24 18:19:29

How to setup kong behind nginx proxy?

I'm using Kong API Gateway running in a docker container.
If you execute the request directly from the docker host, then everything is OK - a test page is returned.

[email protected]:~# curl -i -X GET --url http://prod-s-swarm01:8000 --header 'Host: example.com' --header 'apikey: auth-key-maks'

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 24 Oct 2019 11:16:10 GMT
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
X-RateLimit-Remaining-hour: 4
X-RateLimit-Limit-second: 2
X-RateLimit-Remaining-second: 1
X-RateLimit-Limit-hour: 5
X-Kong-Upstream-Latency: 25
X-Kong-Proxy-Latency: 139
Via: kong/1.3.0

<!DOCTYPE html>
<html lang="ru">
<head>
.......

But if you request through nginx proxy (ssl termination occurs on it), then it generally gives the left answer.
[email protected]:~# curl -i -X GET --url https://kong.myserver.com --header 'Host: example.com' --header 'apikey: auth-key-maks'
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Oct 2019 11:14:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 97
Connection: keep-alive
X-Powered-By: Express
ETag: W/"61-Mn0BCF+92vC7dF087oyDAFsiE"

{"Status":"ERROR","Error":"Bad authorize","ErrorDesc":"Не верная авторизация"}

Although this is generally a different subdomain, and besides, it’s not default.
UPD: As it turned out, default, that is, all requests in the headers of which a different Host is specified are proxied to default_server.
Here is the nginx config
server {

listen  443 ssl;
server_name kong.myserver.com;
ssl_certificate   /etc/letsencrypt/live/appgw/fullchain.pem;
ssl_certificate_key   /etc/letsencrypt/live/appgw/privkey.pem;

location / {
     proxy_pass      http://prod-s-swarm01:8000;
     proxy_set_header   Host    $host;
}
}

I tried using $http_host - didn't help either.
Request with custom Hosts comes to nginx in default_server.
At the same time, if you remove --header Hosts in the curl request, then the request for the desired domain goes away and an entry appears in the access.log.
What can be a jamb? I don't want to change default_server because of one subdomain.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
E
emashev, 2019-10-24
@emashev

I found a solution by reading the doc on the Hosts headers, in general, either set the default_server on this subdomain, or set the server_name also to those domains that will be processed through api gw.

Similar questions
D
digitaldemiurge2013-02-06 12:26:46
Nginx and foreign domains 3Reply
G
Gleb Starkov2013-02-14 06:56:28
File upload size in nginx 1Reply
I
i_want_to_know_everything2016-01-15 07:47:32
Ngnix redirect? 1Reply
A
Andrey Bystrov2016-01-15 10:18:59
How to make Nginx process ajax requests? 1Reply
A
avp2018-05-27 17:03:22
Certificate. LetsEncrypt. Not tied to the root of the site. How? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question