Make nginx to pass hostname of the upstream when reverseproxying
I run several docker containers with hostnames:
web1.local web2.local web3.local
Routing to these done based on hostname by nginx. I have a proxy in front of this setup (on different machine connected to internet) where I define upstream as:
upstream main {
server web1.local:80;
server web2.local:80;
server web3.local:80;
}
And actual virtual host description:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
}
}
Now, because containers receive hostname "main" instead of "web1.local", they do not respond properly to the request.
Question: how I can tell nginx to pass name of the upstream server instead of name of upstream group of servers in Host: header when proxying request?
Actually you can do that via proxy_set_header.
For more details look here: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header or see an example use-case here: https://stackoverflow.com/questions/12847771/configure-nginx-with-proxy-pass
I have included the dynamic approach into your above posted configuration:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Here is an example with a static host name:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
proxy_set_header Host www.example.com;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
I had the same problem and I finally solved it by using two levels of proxy. Here is how you could do for your situation (I think):
server {
listen 8001 default_server;
server_name web1.example.com;
location / {
proxy_pass http://web1.local:80;
proxy_set_header Host web1.local:80;
}
}
server {
listen 8002 default_server;
server_name web2.example.com;
location / {
proxy_pass http://web2.local:80;
proxy_set_header Host web2.local:80;
}
}
server {
listen 8003 default_server;
server_name web3.example.com;
location / {
proxy_pass http://web3.local:80;
proxy_set_header Host web3.local:80;
}
}
upstream main {
server 127.0.0.1:8001;
server 127.0.0.1:8002;
server 127.0.0.1:8003;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
}
}
As you can see, the trick is to create a local server responding to a particular port that will proxy the server by rewriting the right Host for each servers. Then, you can use this local servers in your upstream and finally use that upstream in the real proxy.
While the goal seems logical, nginx isn't going to change the Host: header to match the upstream. Instead, it treats upstream
domain names like a CNAME
in DNS - as a way to get to an IP address.
The request headers (and body) are fixed before the upstream is selected. The upstream may change mid-request if it's a particular upstream is found to be non-responsive, but the request doesn't change.
We pass in the upstream addr as a separate header like this
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
add_header X-Upstream $upstream_addr;
}
}
What if you tried?
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://main;
proxy_set_header Host $upstream_addr;
proxy_set_header X-Forwarded-For $remote_addr;
add_header X-Host $host;
}
}
So from reading all documentation for nginx (I could not really parse code for upstream module =( ) I came up with this bastardized solution. Unfortunately this solution does not keep track of failed hosts, but simply select random one and redirect request to it. So I have to setup some kind of monitoring to make sure all backends are running.
server {
listen 80;
server_name example.com;
resolver 127.0.0.1;
location / {
set $upstream "";
rewrite_by_lua '
local upstreams = {
"http://web1.dokku.localdomain",
"http://web2.dokku.localdomain",
"http://web3.dokku.localdomain",
"http://web4.dokku.localdomain"
}
ngx.var.upstream = upstreams[ math.random( #upstreams ) ]
';
proxy_pass $upstream;
}
}