Prism

Welcome to the Nutanix NEXT community. To get started please read our short welcome post. Thanks!

cancel
Showing results for 
Search instead for 
Did you mean: 

NGINX as a reverse proxy for Prism

Adventurer

NGINX as a reverse proxy for Prism

JSESSIONID cookie used by Prism is not being set. Tried with available options. Any one has succeeded in doing this?

Ravi S Mula
9 REPLIES
Moderator Moderator
Moderator

Re: NGINX as a reverse proxy for Prism

I'm curious, what are you trying to do for a use case, where this configuration is required?

Jon Kohler | Principal Architect, Nutanix | Nutanix NPX #003, VCDX #116 | @JonKohler
Please Kudos if useful!
Adventurer

Re: NGINX as a reverse proxy for Prism

Here we don't have many public IP's. So we point all the domains to one VM, on which we setup a reverse proxy (redirect request) to another VM which has only an internal IP.

 

I have a domain registered for prism console as well, so that we can accesss the domain rather than the IP as well as can be accessible outside out network as well, but the same configuration I followed for other sites didn't work with prism.

 

Attaching sample configuration below

 

server {

         listen 80;

         server_name example.com 

         location / {

                proxy_set_header  Host example.com;

                proxy_set_header  X-Real-IP $remote_addr;

                proxy_set_header  X-Forwarded-Proto http;

                proxy_set_header  X-Forwarded-For $remote_addr;

                proxy_set_header  X-Forwarded-Host $remote_addr;

                proxy_pass https://172.x.x.x:9440/;

                #proxy_connect_timeout      240;

                #proxy_send_timeout         240;

                #proxy_read_timeout         240;

/// Added this code to set the cookie, but didn't worked

                if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {

                        set $co "jsessionid=$1";

                }

                proxy_set_header Cookie "$co";

/// Code END

        }

}

 

 

Ravi S Mula
Moderator Moderator
Moderator

Re: NGINX as a reverse proxy for Prism

Is that to say you are trying to use a Public IP to access Prism from the internet?

Jon Kohler | Principal Architect, Nutanix | Nutanix NPX #003, VCDX #116 | @JonKohler
Please Kudos if useful!
Adventurer

Re: NGINX as a reverse proxy for Prism

Yes

Ravi S Mula
Nutanix Employee

Re: NGINX as a reverse proxy for Prism

Hi Ravi,

 

Is the cookie not being set the main problem you are having, can you describe the issues you are having in details? A screenshot with the dev console from the browser would be also helpful.

 

Thanks,

- Ray

Nutanix Employee

Re: NGINX as a reverse proxy for Prism

At first glance, two things worth trying:

1) Move the proxy_pass directive to the end of that section (after the set_cookie portion)

2) Rather than the cookie method you're looking at, maybe take a look at the following parameters proxy_cookie_domain:

http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cookie_domain

 

 

Adventurer

Re: NGINX as a reverse proxy for Prism

Apologies for delayed response

@greg3

I've tried the suggested steps but still the problem exists

 

 

Ravi S Mula
Adventurer

Re: NGINX as a reverse proxy for Prism

Apologies for delayed response.

 

I think that the cookie is the problem.

Find the image of the network requests that are being made when setting the configuration

Screen Shot 2016-07-08 at 12.15.53 PM.png

Ravi S Mula
Pathfinder

Re: NGINX as a reverse proxy for Prism

Ravi,

I appreciate that this has been unresolved for almost a year so I'm assuming you found the answer(s) already. Just in case, and for the sake of documentaiton, here are two pointers. Full disclosure: I work for NGINX and am just starting to dig into the Nutanix platform, so YMMV. 

1) To set a new cookie with NGINX, you need use the 'add_header Set-Cookie' directive instead of 'proxy_set_header'. The format using your example would be 'add_header Set-Cookie jsessionid=$co;' (note that in this case you would need to remove 'jsessionid' from your $co set). 

2) NGINX Plus, the commercial version of NGINX, supports additional load balancing methods which can read and learn a jsessionid from the app. Being new to Nutanix I'm not sure this is what you're looking for, but simply based on your if statement where you're looking for a jsessionid I assume this is the same use case. You can find documentation on jsessionid learning on nginx.org. 

Hope that helps all these months later. 

ravismula wrote:

Here we don't have many public IP's. So we point all the domains to one VM, on which we setup a reverse proxy (redirect request) to another VM which has only an internal IP.

 

I have a domain registered for prism console as well, so that we can accesss the domain rather than the IP as well as can be accessible outside out network as well, but the same configuration I followed for other sites didn't work with prism.

 

Attaching sample configuration below

 

server {

         listen 80;

         server_name example.com 

         location / {

                proxy_set_header  Host example.com;

                proxy_set_header  X-Real-IP $remote_addr;

                proxy_set_header  X-Forwarded-Proto http;

                proxy_set_header  X-Forwarded-For $remote_addr;

                proxy_set_header  X-Forwarded-Host $remote_addr;

                proxy_pass https://172.x.x.x:9440/;

                #proxy_connect_timeout      240;

                #proxy_send_timeout         240;

                #proxy_read_timeout         240;

/// Added this code to set the cookie, but didn't worked

                if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {

                        set $co "jsessionid=$1";

                }

                proxy_set_header Cookie "$co";

/// Code END

        }

}