Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Use the following steps to configure Nginx Plus as the load balancer for WSO2 products.

  1. Install Nginx Plus in a server configured in your cluster.
  2. Configure Nginx Plus to direct the HTTP requests to the two worker nodes via the HTTP 80 port using the http://as.wso2.com/<service>To do this, create a VHost file (as.http.conf) in the /etc/nginx/conf.d/ directory and add the following configurations into it.

    Code Block
    upstream wso2.as.com {
            sticky cookie JSESSIONID;
            server xxx.xxx.xxx.xx3:9763;
            server xxx.xxx.xxx.xx4:9763;
    }
    
    server {
            listen 80;
            server_name as.wso2.com;
            location / {
                   proxy_set_header X-Forwarded-Host $host;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_set_header Host $http_host;
                   proxy_read_timeout 5m;
                   proxy_send_timeout 5m;
                   proxy_pass http://wso2.as.com;
            }
    }
  3. Configure Nginx Plus to direct the HTTPS requests to the two worker nodes via the HTTPS 443 port using https://as.wso2.com/<service>To do this, create a VHost file (as.https.conf) in the /etc/nginx/conf.d/ directory and add the following configurations into it.

    Code Block
    upstream ssl.wso2.as.com {
    	sticky cookie JSESSIONID;
    	server xxx.xxx.xxx.xx3:9443;
    	server xxx.xxx.xxx.xx4:9443;
    }
    
    server {
    listen 443;
    	server_name as.wso2.com;
    	ssl on;
    	ssl_certificate /etc/nginx/ssl/wrk.crt;
    	ssl_certificate_key /etc/nginx/ssl/wrk.key;
    	location / {
                   proxy_set_header X-Forwarded-Host $host;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_set_header Host $http_host;
                   proxy_read_timeout 5m;
                   proxy_send_timeout 5m;
    	    proxy_pass https://ssl.wso2.as.com;
        	}
    }
  4. Configure Nginx Plus to access the Management Console as https://mgt.as.wso2.com/carbon via HTTPS 443 port. This is to direct requests to the manager node. To do this, create a VHost file (mgt.as.https.conf) in the /etc/nginx/conf.d/ directory and add the following configurations into it.

    Code Block
    server {
    	listen 443;
    	server_name mgt.as.wso2.com;
    	ssl on;
    	ssl_certificate /etc/nginx/ssl/mgt.crt;
    	ssl_certificate_key /etc/nginx/ssl/mgt.key;
    
    	location / {
                   proxy_set_header X-Forwarded-Host $host;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_set_header Host $http_host;
                   proxy_read_timeout 5m;
                   proxy_send_timeout 5m;
    	    proxy_pass https://xxx.xxx.xxx.xx2:9443/;
        	}
    	error_log  /var/log/nginx/mgt-error.log ;
               access_log  /var/log/nginx/mgt-access.log;
    }
  5. Restart the Nginx Plus server.
    $sudo service nginx restart

    Tip

    Tip: You do not need to restart the server if you are simply making a modification to the VHost file. The following command should be sufficient in such cases.

    $sudo service nginx reload 

     

     

Create SSL certificates

Create SSL certificates for both the manager and worker nodes using the instructions that follow.

...