我正在运行AWS Managed ElasticSearch来收集一些日志,并创建了一些Kibana仪表板来显示数据,一切正常.
不幸的是,AWS群集中包含的Kibana插件对全世界都是开放的,所以我设置了一个Nginx反向代理来提供经过身份验证的访问.如果我只是点击域URL并指定Kibana插件的完整URI,这也可以正常工作.例如:
http://nginx.domain.com/_plugin/kibana/app/kibana工作得很好,这里是我用来实现的Nginx配置:
worker_processes 1;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name localhost;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header User-Agent $http_user_agent;
auth_basic_user_file /etc/Nginx/.htpasswd;
auth_basic "Auth required";
proxy_pass https://search-mystuff.ap-southeast-2.es.amazonaws.com/;
proxy_redirect https://search-mystuff.ap-southeast-2.es.amazonaws.com/ /;
proxy_set_header Authorization "";
proxy_hide_header Authorization;
}
}
}
我想简单地点击Nginx服务器的基本域名,然后将其重定向到完整的Kibana URI,而不是提供完整的URL.所以我喜欢这样做:
输入上面的URL后,我想重定向到完整的Kibana URI,所以我最终会得到这样的URL
http://nginx.domain.com/_plugin/kibana/app/kibana
这是我尝试过的Nginx配置(各种不同的排列)不起作用:
worker_processes 1;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name localhost;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header User-Agent $http_user_agent;
auth_basic_user_file /etc/Nginx/.htpasswd;
auth_basic "Auth required";
proxy_pass https://search-mystuff.ap-southeast-2.es.amazonaws.com/_plugin/kibana/app/kibana;
proxy_redirect https://search-mystuff.ap-southeast-2.es.amazonaws.com/_plugin/kibana/app/kibana /;
proxy_set_header Authorization "";
proxy_hide_header Authorization;
}
}
}
通过上面的配置,当我浏览到http://nginx.mydomain.com时,URL被重定向到:
http://Nginx.myaws.com.au/_plugin/kibana/app/kibana
看起来它应该工作,但是我在浏览器窗口中收到错误:
{"statusCode":404,"error":"Not Found"}
我有大约4个小时的Nginx经验,所以希望我错过了一些简单的东西.任何帮助将非常感谢.
谢谢!
解决方法:
终于明白了!
worker_processes auto;
events {
worker_connections 1024;
}
http {
server {
listen 80 default_server;
server_name localhost;
location / {
proxy_set_header Host https://<endpoint address>.es.amazonaws.com;
proxy_set_header X-Real-IP <Nginx ip address>;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_set_header Authorization "";
proxy_pass https://<endpoint address>.es.amazonaws.com/_plugin/kibana/;
proxy_redirect https://<endpoint address>.es.amazonaws.com/_plugin/kibana/ http://<Nginx url>/kibana/;
}
location ~ (/app/kibana|/app/timelion|/bundles|/es_admin|/plugins|/api|/ui|/elasticsearch) {
auth_basic_user_file /etc/Nginx/.htpasswd;
auth_basic "Auth required";
proxy_pass https://<endpoint address>.es.amazonaws.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Authorization "";
proxy_hide_header Authorization;
}
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。