skydive
skydive copied to clipboard
Published
20 hours ago •
skydive-project
skydive-project
How work skydive if HTTPS terminate on nginx load balancer?
upstream skydive_backend {
server 127.0.0.1:8082;
}
server {
listen 443 ssl;
server_name skydive.mycompany.local;
access_log /var/log/nginx/skydive-access.log full;
error_log /var/log/nginx/skydive-error.log warn;
location / {
proxy_pass http://skydive_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Config skydive.yml of analyzer
tls:
server_cert: /etc/skydive/20112019-mycompany.crt
server_key: /etc/skydive/20112019-mycompany.key
analyzer:
auth:
cluster:
backend: cluster
password: secret
username: skydive
listen: 0.0.0.0:8082
analyzers:
- 10.233.47.196:8082
auth:
cluster:
type: basic
users:
skydive: secret
etcd:
embedded: true
listen: 0.0.0.0:12379
name: dev-tools-skydive-1
flow:
protocol: udp
host_id: dev-tools-skydive-1
Config skydive.yml of agent
agent:
auth:
cluster:
password: secret
username: skydive
listen: 0.0.0.0:8081
topology:
neutron:
domain_name: Default
endpoint_type: internal
password: secret
region_name: RegionOne
ssl_insecure: true
tenant_name: service
username: skydive.service
probes:
- socketinfo
analyzers:
- skydive.mycompany.local:443
flow:
protocol: udp
host_id: dev-tools-skydive-2
skydive client query "G.V().Has('Name', 'TOR')"
2020-07-02T17:33:17.128+0300 ERROR client/client.go:62 exitOnError dev-tools-skydive-2: 400 Bad Request: <html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.16.1</center>
</body>
</html>
Skydive agent send HTTP request to HTTPS port. How work skydive if HTTPS terminate on nginx load balancer?