Join Log in
Score:0
mattb avatar Server

nginx load balancing with multiple server blocks

lk flag
mattb

I have the following setup because I'm putting nginx in front of two azure app services in different regions - without this (e.g. having the app services directly in my upstream block) it appears that nginx was connecting to azure by IP address rather than the hostname so the azure load balancer didn't know where to route the request - or not setting the Host header to the correct value.

But I now have the issue that my upstream block will not fail if the server in the related server block is down because it is connecting to the local host server blocks.

I've tried using the proxy_next_upstream options, but they don't appear to be doing what I need.

Can I achieve what I want, maybe my upstream settings pointing to the localapps is the real problem but I couldn't find a way to get nginx to play ball with the app service otherwise.

upstream localapps {
    server localhost:8001;
    server localhost:8002;
}

server {

        location / {
          proxy_pass http://localapps;
          proxy_next_upstream error timeout http_403;
          proxy_next_upstream_timeout 5m;
          proxy_next_upstream_tries 20;
          proxy_connect_timeout   2;
        }

     listen 443 ssl; # managed by Certbot
     ssl_certificate <path>/fullchain.pem; # managed by Certbot
     ssl_certificate_key <path>/privkey.pem; # managed by Certbot
     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    listen 8001;
    server_name web01;

    location / {
        proxy_set_header Host app1.azurewebsites.net;
        proxy_pass https://app1.azurewebsites.net;
        proxy_cookie_domain app1.azurewebsites.net mycustomdomain.com;
        proxy_ssl_certificate <path>/fullchain.pem;
        proxy_ssl_certificate_key <path>/privkey.pem;
        proxy_ssl_session_reuse on;

    }
}

server {
    listen 8002;
    server_name web02;

    location / {
        proxy_set_header Host app2.azurewebsites.net;
        proxy_pass https://app2.azurewebsites.net;
        proxy_cookie_domain app1.azurewebsites.net mycustomdomain.com;
        proxy_ssl_certificate <path>/fullchain.pem;
        proxy_ssl_certificate_key <path>/privkey.pem;
        proxy_ssl_session_reuse on;
    }
}

server {
    if ($host = myvm.westeurope.cloudapp.azure.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name myvm.westeurope.cloudapp.azure.com;
    listen 80;
    return 404; # managed by Certbot
}
76
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.