aws-es-proxy icon indicating copy to clipboard operation
aws-es-proxy copied to clipboard

Published 20 hours ago verified publisher icon abutaha

Pass Accept header to ES if exists

Open maciekm opened this issue 5 years ago • 3 comments

👋

I'm trying to use the proxy with Graylog and hit an issue that it sets Accept header instead of passing the format parameter.

to illustrate, before applying the fix:

$ curl -H "Accept: application/json" http://aws-es-proxy-graylog.default:9200/_cat/indices/graylog_*?h=index%2Cstatus
graylog_0 open

Graylog error:

ERROR [SystemJobManager] - Unhandled error while running SystemJob <90846e60-b421-11ea-8612-ae12c499bc3e> [org.graylog2.indexer.indices.jobs.SetIndexReadOnlyAndCalculateRangeJob] - {} java.lang.IllegalArgumentException: Cat response did not contain a JSON Array (...) Caused by: java.io.IOException: Request GET http://aws-es-proxy-graylog.default:9200/cat/indices/graylog*?h=index%2Cstatus HTTP/1.1 yielded text/plain;charset=UTF-8, should be json: HTTP/1.1 200 OK (...) Caused by: com.fasterxml.jackson.core.JsonParseException: Unrecognized token 'graylog_0': was expecting ('true', 'false' or 'null') at [Source: (String)"graylog_0 open

with fix:

$ curl -H "Accept: application/json" http://aws-es-proxy-graylog.default:9200/_cat/indices/graylog_*?h=index%2Cstatus
[{"index":"graylog_1","status":"open"}]

The error is gone and Indices page loads OK.

For testing its available here: maciekm/aws-es-proxy

Also moved the version before the endpoints cli parameter check as it exits anyway after printing the version.

Thanks for aws-es-proxy 👍

maciekm avatar Jun 22 '20 01:06 maciekm

🤔 why not future proof and copyHeaders from src to dst?

maciekm avatar Jun 22 '20 09:06 maciekm

why not future proof and copyHeaders from src to dst?

Thanks for your patch @maciekm. Actually it's a good question, I was thinking of rewriting that function. This started as a hack to fix a problem in a version of Kibana. When I first wrote the proxy, there wasn't any need to copy any header (older versions of ES/Kibana).

I will play with it during this week and see what could be done to future proof it as you recommended.

Thanks,

abutaha avatar Jun 23 '20 14:06 abutaha

Similarly, I would like to set the Authorization and headers related to SigV4 signing. If they are set, I want the proxy to pass through those headers without changing them or anything else about the request, when sending the request to the ES Host target. This is helpful when accessing the proxy from outside of private subnets, but the proxy has access to the private subnets containing the target ES Host.

cyrfer avatar Aug 31 '21 20:08 cyrfer