Reputation: 9662
Nginx location /logs doesn't proxy pass correctly to Kibana leading to 404
We have a dockerized architecture. The only and main entrypoint is our nginx. Which makes the link between all our services.
Reaching the domain name with location / works fine. Our Angular frontend app displays correctly.
The main problem is to access KIBANA (v5.5) on /logs location.
For example trying to reach https://dev.example.com/logs/ the browser displays a 404 due to the fact it tries to reach https://dev.example.com/login?next=%2Flogs.
It seems Kibana, as proxied in our Location endpoint, tries to rewrite url with a base url of /. Instead of rewriting URI appended after /logs/ location.
How to improve our configuration to: - Allow reaching of /logs/ which display our Kibana app correctly?
Here is our nginx configuration. Please note client, backend, kibana refers to docker hostnames.
server {
listen 443;
ssl on;
rdns on;
ssl_certificate /etc/ssl/production/certs/example/fullchain.pem;
ssl_certificate_key /etc/ssl/production/certs/example/privkey.pem;
server_name dev.example.com;
# Angular APP
location / {
proxy_pass http://client;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Backend proxy
location /api {
proxy_pass http://backend:9090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Logs on Kibana
location /logs {
proxy_pass http://kibana:5601;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Results of CURL request:
curl -v https://dev.example.com/logs/
* About to connect() to dev.example.com port 443 (#0)
* Trying xx.xx.xx.xx...
* connected
* Connected to dev.example.com (xx.xx.xx.xx) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: CN=example.com
* start date: 2017-08-23 17:26:00 GMT
* expire date: 2017-11-21 17:26:00 GMT
* subjectAltName: dev.example.com matched
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
> GET /logs HTTP/1.1
> User-Agent: curl/7.28.1
> Host: dev.example.com
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Server: nginx/1.13.1
< Date: Sat, 26 Aug 2017 15:39:43 GMT
< Content-Type: text/html
< Content-Length: 169
< Connection: keep-alive
<
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.13.1</center>
</body>
</html>
* Connection #0 to host dev.example.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
Thanks for your help on this.
Upvotes: 1
Views: 496
Answers (1)
Reputation: 13260
You need to set the server.basePath to /logs by passing the SERVER_BASEPATH environment variable to the kibana container.
Then, you need to strip the /logs prefix in nginx using a rewrite in the proxied location:
location /logs {
rewrite ^/logs(/.*)$ $1 break;
proxy_pass http://kibana:5601;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
Plus, there apparently is a bug in kibana, and the above configuration works only if we reach kibana with the following url:
http://nginxip/logs/
but not if we don't have an ending slash, such as:
http://nginxip/logs
To solve this, we need to add another rewrite in nginx to ensure there always is an ending slash. Add the following outside of the /logs location:
rewrite ^/logs$ /logs/;
Source: https://www.elastic.co/guide/en/kibana/current/settings.html
Upvotes: 1
Related Questions
- why does Kibana forward the url to `/spaces/enter`?
- Unable to access Kibana behind NginX reverse proxy on Docker
- NginX reverse proxy for Kibana over Docker
- Problem with Kibana login after set SERVER_BASEPATH SERVER_PUBLICBASEURL
- Kibana with nginx as a reverse-proxy just results in a 404 error
- Kibana 5.5.1 behind a nginx 1.13 proxy (dockerized)
- nginx proxy_pass leads to 404 Not Found page
- NGINX frontending Kibana not working with "_plugin/kibana/" URI
- nginx on docker doesn't work with location URL
- unable to proxy from nginx to kibana