Proxy_set_header HOST $host The assignment of this parameter, when doing forwarding is very important, he can directly determine server_name matching values, below we look at an example:
Let's talk about the test architecture:
NGINX1 (10.0.0.8), Nginx2 (10.0.0.1), Tomcat (10.0.0.100)
One, each node configuration information
1, also need a test machine, the test machine needs to first configure the host:
$ cat/etc/hosts
10.0.0.8 sso.cbpmgt.com
2, tomcat above only a test page, content is Hello World
3, the following is the configuration of the NGINX1, note the configuration of the host parameter:
Upstream SSO {
Server 10.0.0.1:80 max_fails=2 fail_timeout=30s;
}
server {
Listen 80;
server_name sso.cbpmgt.com;
Location/{
Access_log/export/log/nginx/sso_access.log main;
Error_log/export/log/nginx/sso_error.log warn;
Proxy_pass http://sso/;
Proxy_redirect off;
#proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
}
4, the following is the configuration of nginx2:
Upstream Sso-yz {
Server 10.0.0.100: max_fails=2 fail_timeout=30s;
}
server {
Listen 80;
server_name SSO;
Location/{
Access_log/export/log/nginx/sso_m6-yz.log main;
Error_log/export/log/nginx/sso_m6-yz-error.log warn;
Proxy_pass http://sso-yz/;
Proxy_redirect off;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
}
Second, the test
1, test the host parameter does not configure the situation:
Now start the test from the test machine and execute it on the test machine: Curl http://sso.cbpmgt.com/test.htm, you can see the normal access to Tomcat:
# Curl Http://sso.cbpmgt.com/test.htm
Hello World
2, test the host parameter configuration:
Now we change the configuration of nginx1, configuration changes are as follows, configure the host parameter:
Upstream SSO {
Server 10.0.0.1:80 max_fails=2 fail_timeout=30s;
}
server {
Listen 80;
server_name sso.cbpmgt.com;
Location/{
Access_log/export/log/nginx/sso_access.log main;
Error_log/export/log/nginx/sso_error.log warn;
Proxy_pass http://sso/;
Proxy_redirect off;
proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
}
3, or from the test machine launch test: Curl http://sso.cbpmgt.com/test.htm, here will not have any results, as follows:
# Curl Http://sso.cbpmgt.com/test.htm
#
Cause: Because the host received on NGINX2 is sso.cbpmgt.com, this will not match the SSO server_name, resulting in an access failure
To summarize: Proxy_set_header host $host; This command will pass the requested host (here is sso.cbpmgt.com) to the backend service, Nginx is also to eradicate this host and Server_nanme do match, Then the corresponding proxy. In the first case, because the comment dropped the HTTP header host's parameter assignment, the NGINX2 gets the SSO host value.
Assignment of Nginx Host