无法通过AWS负载均衡器HTTPS访问气流Web服务器,因为气流将我重定向到HTTP [英] Cannot access airflow web server via AWS load balancer HTTPS because airflow redirects me to HTTP
问题描述
我在EC2上配置了一个气流Web服务器,它侦听端口8080。
我在EC2前面有一个AWS ALB(应用程序负载平衡器),侦听https 80(面向互联网),实例目标端口面向http 8080。
我无法浏览https://< airflow link>来自浏览器,因为气流Web服务器将我重定向到http://<气流链接> / admin,ALB不会收听。
如果我浏览https://< airflow链接> / admin / airflow / login?next =%2Fadmin%2F从浏览器,然后我看到登录页面,因为此链接不会重定向我。
我的问题如何更改气流,以便在浏览https://< airflow link>,airflow Web服务器会将我重定向到https:...,而不是http:// .....
,以便AWS ALB可以处理请求。
我尝试从 http:// localhost更改airflow.cfg的base_url: 8080 改为 https:// localhost:8080 ,但我看不出有什么区别
无论如何,如何访问https://<
最后我自己找到了解决方案。
我在ALB和气流Web服务器之间引入了nginx反向代理:
https请求-> ALB:443-> nginx代理:80-> Web服务器:8080。我通过添加http标头 X-Forwarded-Proto https,使nginx代理告诉气流Web服务器原始请求是https而不是http。
nginx服务器与Web服务器位于同一位置。并将其配置设置为/etc/nginx/sites-enabled/vhost1.conf(请参见下文)。此外,我删除了/ etc / nginx / sites-enabled / default配置文件。
服务器{
听80 ;
server_name< domain> ;;
index index.html index.htm;
位置/ {
proxy_pass_header授权;
proxy_pass http:// localhost:8080;
proxy_set_header主机$ host;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_redirect关闭;
proxy_set_header连接;
proxy_buffering关闭;
client_max_body_size 0;
proxy_read_timeout 36000秒;
}
}
I have an airflow web server configured at EC2, it listens at port 8080.
I have an AWS ALB(application load balancer) in front of the EC2, listen at https 80 (facing internet) and instance target port is facing http 8080.
I cannot surf https://< airflow link > from browser because the airflow web server redirects me to http : //< airflow link >/admin, which the ALB does not listen at.
If I surf https://< airflow link > /admin/airflow/login?next=%2Fadmin%2F from browser, then I see the login page because this link does not redirect me.
My question is how to change airflow so that when surfing https://< airflow link > , airflow web server will redirect me to https:..., not http://..... so that AWS ALB can process the request.
I tried to change base_url of airflow.cfg from http://localhost:8080 to https://localhost:8080, according to the below answer, but I do not see any difference with my change....
Anyway, how to access https://< airflow link > from ALB?
Finally I found a solution myself.
I introduced a nginx reverse proxy between ALB and airflow web server: ie. https request ->ALB:443 ->nginx proxy: 80 ->web server:8080. I make the nginx proxy tell the airflow web server that the original request is https not http by adding a http header "X-Forwarded-Proto https".
The nginx server is co-located with the web server. and I set the config of it as /etc/nginx/sites-enabled/vhost1.conf (see below). Besides, I deletes the /etc/nginx/sites-enabled/default config file.
server {
listen 80;
server_name <domain>;
index index.html index.htm;
location / {
proxy_pass_header Authorization;
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Connection "";
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
}
}
这篇关于无法通过AWS负载均衡器HTTPS访问气流Web服务器,因为气流将我重定向到HTTP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
