NGINX as a reverse proxy for Prism


Badge +2
JSESSIONID cookie used by Prism is not being set. Tried with available options. Any one has succeeded in doing this?

9 replies

Userlevel 7
Badge +30
I'm curious, what are you trying to do for a use case, where this configuration is required?
Badge +2
Here we don't have many public IP's. So we point all the domains to one VM, on which we setup a reverse proxy (redirect request) to another VM which has only an internal IP.

I have a domain registered for prism console as well, so that we can accesss the domain rather than the IP as well as can be accessible outside out network as well, but the same configuration I followed for other sites didn't work with prism.

Attaching sample configuration below

server {
listen 80;
server_name example.com
location / {
proxy_set_header Host example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
proxy_pass https://172.x.x.x:9440/;
#proxy_connect_timeout 240;
#proxy_send_timeout 240;
#proxy_read_timeout 240;
/// Added this code to set the cookie, but didn't worked
if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {
set $co "jsessionid=$1";
}
proxy_set_header Cookie "$co";
/// Code END
}
}


Userlevel 7
Badge +30
Is that to say you are trying to use a Public IP to access Prism from the internet?
Badge +2
Yes
Badge +2
Hi Ravi,

Is the cookie not being set the main problem you are having, can you describe the issues you are having in details? A screenshot with the dev console from the browser would be also helpful.

Thanks,
- Ray
Badge +1
At first glance, two things worth trying:
1) Move the proxy_pass directive to the end of that section (after the set_cookie portion)
2) Rather than the cookie method you're looking at, maybe take a look at the following parameters proxy_cookie_domain:
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cookie_domain


Badge +2
Apologies for delayed response

I've tried the suggested steps but still the problem exists


Badge +2
Apologies for delayed response.

I think that the cookie is the problem.
Find the image of the network requests that are being made when setting the configuration


Badge

Ravi,I appreciate that this has been unresolved for almost a year so I'm assuming you found the answer(s) already. Just in case, and for the sake of documentaiton, here are two pointers. Full disclosure: I work for NGINX and am just starting to dig into the Nutanix platform, so YMMV. 1) To set a new cookie with NGINX, you need use the 'add_header Set-Cookie' directive instead of 'proxy_set_header'. The format using your example would be 'add_header Set-Cookie jsessionid=$co;' (note that in this case you would need to remove 'jsessionid' from your $co set). 2) NGINX Plus, the commercial version of NGINX, supports additional load balancing methods which can read and learn a jsessionid from the app. Being new to Nutanix I'm not sure this is what you're looking for, but simply based on your if statement where you're looking for a jsessionid I assume this is the same use case. You can find documentation on jsessionid learning on nginx.org. Hope that helps all these months later. ravismula wrote:Here we don't have many public IP's. So we point all the domains to one VM, on which we setup a reverse proxy (redirect request) to another VM which has only an internal IP.

I have a domain registered for prism console as well, so that we can accesss the domain rather than the IP as well as can be accessible outside out network as well, but the same configuration I followed for other sites didn't work with prism.

Attaching sample configuration below

server {
listen 80;
server_name example.com
location / {
proxy_set_header Host example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
proxy_pass https://172.x.x.x:9440/;
#proxy_connect_timeout 240;
#proxy_send_timeout 240;
#proxy_read_timeout 240;
/// Added this code to set the cookie, but didn't worked
if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {
set $co "jsessionid=$1";
}
proxy_set_header Cookie "$co";
/// Code END
}
}



Reply