Update 2. I want to add and forward all traffic to localhost/admin/
instead of localhost/
.
- App listen to those paths:
localhost/
(then gets 302 tolocalhost/login
by application),localhost/overview
,localhost/books/details
, etc.
- I want admin user to use those urls:
localhost/admin/
(to get 302localhost/admin/login
by
application)localhost/admin/overview
localhost/admin/books/details
- With my reverse proxy (see below):
localhost/admin/
(I get 302localhost/login
by application)
,
I could use also ingrees-nginx-controller
instead of mounting file.
In docker nginx.conf (or similar to k8s)
server {
listen 80 default_server;
listen [::]:80 default_server;
...
location /admin {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host/admin;
proxy_pass http://<conteiner2>.docker-network;
}
...
}
Update1
For kubernetes I am trying to setup the the ingress-nginx
For this I installed the ingress-nginx-controller
and I setup the ingress-nginx
using this YAML:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Host $host";
more_set_headers "X-Real-IP $remote_addr";
more_set_headers "X-Forwarded-For $proxy_add_x_forwarded_for";
more_set_headers "X-Forwarded-Proto $scheme";
more_set_headers "X-Forwarded-Host $host/admin";
name: test-ingress
namespace: <namespace>
spec:
rules:
- http:
paths:
- path: /admin
backend:
serviceName: <app1>-admin
servicePort: 8002
Best Answer
So, there are a few things going on here; foremost:
is incorrect because
x-forwarded-HOST
should not contain a uri, as you have with/admin
: it should just be the$host
; what you really want is to updateproxy_pass
to contain the$request_uri
as you can observe that the generated nginx.conf does when using the nginx Ingress controller. That wait the location's URI/admin
along with whatever else matches in the location will be passed upstream as expected:Secondly, if you are experiencing that you want some
configuration-snippet:
applied to one URI but not both of them, then split out the two routes into two separate Ingress resources, so they can be managed independently:There are two great ways: first, grab the generated nginx.conf and read over it to see what you were expecting to happen versus what did happen:
The other way is to turn the nginx log level to
debug
(which can be problematic if you're trying to debug in a production setting because of the absolutely insane amount of text it will generate, but it will almost certainly have the actual answer to whatever you are trying to debug):