search

skydive-project / skydive

An open source real-time network topology and protocols analyzer
https://skydive.network
Apache License 2.0
2.68k stars 402 forks source link

How work skydive if HTTPS terminate on nginx load balancer? #2241

Open patsevanton opened 4 years ago

patsevanton commented 4 years ago 
upstream skydive_backend {
    server 127.0.0.1:8082;
}

server {
    listen 443 ssl;
    server_name skydive.mycompany.local;
    access_log /var/log/nginx/skydive-access.log full;
    error_log /var/log/nginx/skydive-error.log warn;

    location / {
        proxy_pass http://skydive_backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Config skydive.yml of analyzer

tls:
  server_cert: /etc/skydive/20112019-mycompany.crt
  server_key:  /etc/skydive/20112019-mycompany.key

analyzer:
  auth:
    cluster:
      backend: cluster
      password: secret
      username: skydive
  listen: 0.0.0.0:8082
analyzers:
- 10.233.47.196:8082
auth:
  cluster:
    type: basic
    users:
      skydive: secret
etcd:
  embedded: true
  listen: 0.0.0.0:12379
  name: dev-tools-skydive-1
flow:
  protocol: udp
host_id: dev-tools-skydive-1

Config skydive.yml of agent

agent:
  auth:
    cluster:
      password: secret
      username: skydive
  listen: 0.0.0.0:8081
  topology:
    neutron:
      domain_name: Default
      endpoint_type: internal
      password: secret
      region_name: RegionOne
      ssl_insecure: true
      tenant_name: service
      username: skydive.service
    probes:
    - socketinfo
analyzers:
- skydive.mycompany.local:443
flow:
  protocol: udp
host_id: dev-tools-skydive-2
patsevanton commented 4 years ago

skydive client query "G.V().Has('Name', 'TOR')"

2020-07-02T17:33:17.128+0300    ERROR   client/client.go:62 exitOnError dev-tools-skydive-2: 400 Bad Request: <html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.16.1</center>
</body>
</html>
patsevanton commented 4 years ago

Skydive agent send HTTP request to HTTPS port. How work skydive if HTTPS terminate on nginx load balancer?