Tuesday, August 23, 2016

 

Ngnix Settings for two pubstore instances on the same openstack cloud .......

 

1. Access your openstack cloud instance using ssh commands.

2. Navigate to /etc/nginx/conf.d/xx.conf file.

3. Add the below configuration.

upstream pubstore {
  server 192.168.61.xx:9443;
  server 192.168.61.yy:9443;
  ip_hash;
}

server {

        listen 443 ssl;
        server_name apim.cloud.wso2.com;

        ssl on;
        ssl_certificate /etc/nginx/ssl/ssl.crt;
        ssl_certificate_key /etc/nginx/ssl/ssl.key;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_http_version 1.1;
        client_max_body_size 20M;

        location / {
                proxy_set_header Host $http_host;
                proxy_read_timeout 5m;
                proxy_send_timeout 5m;

                index index.html;
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Forwarded-Server $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass https://pubstore;
        }
}


** For ngnix community edition use ip_hash.
** For ngnix plus add sticky session configurations as below.


 sticky learn create=$upstream_cookie_jsessionid
 lookup=$cookie_jsessionid
 zone=client_sessions:1m;


--------------------------------------------------------------------------------------------------------------------------
                ------------- XXXXXXXXXXXXXXXXXXXXXXXXXXX ---------------
--------------------------------------------------------------------------------------------------------------------------

WSO2IS-5.2.0 Testing Proxy Context Path 

1. Open sudo vim sites-enabled/default  and add below. 


server {
listen 443;
    server_name wso2test.com;
    client_max_body_size 100M;

    root /usr/share/nginx/www;
    index index.html index.htm;

    ssl on;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    location /is/ {
        proxy_pass https://is.wso2test.com:9443/;
    }


}


* Now Restart the nginx server. 

sudo service nginx restart



2.  Change [Product_Home]/repository/conf/carbon.xml

    <HostName>wso2test.com</HostName>

    <!--
    Host name to be used for the Carbon management console
    -->

    <MgtHostName>is.wso2test.com</MgtHostName>


    <MgtProxyContextPath>is</MgtProxyContextPath>

    <ProxyContextPath>is</ProxyContextPath>


3.  Add proxy port to [Product_Home]/repository/conf/tomcat/catalina-server.xml

<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
                   port="9443"
                   proxyPort="443"              
                   bindOnInit="false"
                   sslProtocol="TLS"
                   sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
                   maxHttpHeaderSize="8192"
                   acceptorThreadCount="2"
                   maxThreads="250"
                   minSpareThreads="50"
                   disableUploadTimeout="false"
                   enableLookups="false"
                   connectionUploadTimeout="120000"
                   maxKeepAliveRequests="200"
                   acceptCount="200"
                   server="WSO2 Carbon Server"
                   clientAuth="want"
                   compression="on"
                   scheme="https"
                   secure="true"
                   SSLEnabled="true"
                   compressionMinSize="2048"
                   noCompressionUserAgents="gozilla, traviata"
                   compressableMimeType="text/html,text/javascript,application/x-javascript,application/javascript,application/xml,text/css,application/xslt+xml,text/xsl,image/gif,image/jpg,image/jpeg"
                   keystoreFile="${carbon.home}/repository/resources/security/wso2carbon.jks"
                   keystorePass="wso2carbon"

                   URIEncoding="UTF-8"/>


* Do the same to  port="9763" aswell.


4. Add below to etc/hosts

127.0.0.1        wso2test.com

127.0.0.1        is.wso2test.com





No comments:

Post a Comment