Upstream Fallback if Backends can´t be reached

dubstep · December 15, 2011, 5:11pm

Hi Forum, i´m new to nginx and trying to realize the following. I want
to Loadbalance two Backends and have nginx to be the ssl Proxy. That
works so far.
I want nginx to rewrite a particular url to something else. That works
too.
But now i want to send the Clients to a maintenance site, if both
Backends fail, and i´m fighting like crazy here, but can´t get it to
work. Maybe you can give me some advice, here is me config:

user nginx;
worker_processes 1;

#error_log logs/error.log;
error_log logs/error.log notice;
#error_log logs/error.log info;

pid logs/nginx.pid;

events {
worker_connections 1024;
}

http {
upstream online {
healthcheck_enabled;
healthcheck_delay 5000;
healthcheck_timeout 5000;
healthcheck_failcount 1;
server 10.194.1.10:8080 max_fails=2 fail_timeout=2s weight=2;
server 10.194.1.108:8080 max_fails=2 fail_timeout=2s weight=2;
server 10.194.100.50:8080 weight=5; ##Fallback
sticky;
ip_hash;
}
upstream org {
healthcheck_enabled;
healthcheck_delay 5000;
healthcheck_timeout 5000;
healthcheck_failcount 1;
server 10.194.1.107:8090 max_fails=2 fail_timeout=2s weight=2;
server 10.194.1.108:8090 max_fails=2 fail_timeout=2s weight=2;
server 10.194.100.50:8080 weight=5; ##Fallback
sticky;
ip_hash;
}
gzip on;
server {
listen 10.194.100.50:8080;
server_tokens off;
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}
index index.html;
root /var/www;
rewrite ^ http://10.194.100.50:8080/index.html;
}
server {
listen 10.194.100.50:80;
server_name www.example.de;
rewrite ^ http://www.example.de/de/examples/example.php?thisID=44
permanent;
}
server {
ssl on;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL;
listen 10.194.100.50:443 ssl;
ssl_certificate ssl/nginx-test.crt;
ssl_certificate_key ssl/nginx-test.key;
keepalive_timeout 60;
server_tokens off;
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}
server_name org;
location /org {
proxy_pass http://org;
}
server_name online;
location /online {
proxy_pass http://online;
}
}
}

Posted at Nginx Forum:

kperas · December 16, 2011, 1:29am

location /org {
proxy_pass http://org;
}

Something like:

proxy_intercept_errors on;

location /org {
proxy_pass http://org;
error_page 502 503 504 /error/page.html
}

location /error {
root /path/to/my/error/pages;
}

Maybe?
Probably have typos, done from memory

kperas · December 16, 2011, 8:20am

Hi Brian,

thanks a lot. I will try that today.

Greets

Posted at Nginx Forum:

kperas · December 16, 2011, 2:02pm

Hi Brian, that works like a charm! Thanks a lot!

But now i have some other but close requirement.

Right now i´m browsing to my site with URL
https://10.194.100.50/example-online or https://10.194.100.50/examle-org
and everything works. But if i go to https://10.194.100.50 i get
“Welcome to nginx” and if i go to https://10.194.100.50/exaaaapleeeee
(wrong target) i get “404 Not found” “nginx”

I would like to have all wrong URLs within https://10.194.100.50 to go
to my error.html

Is that possible?

Thanks in advance

Posted at Nginx Forum:

kperas · December 16, 2011, 2:04pm

here is my current nginx.conf:

##########################################
user nginx;
worker_processes 1;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
upstream example-online {
healthcheck_enabled;
healthcheck_delay 5000;
healthcheck_timeout 5000;
healthcheck_failcount 1;
server 10.194.1.107:8080 max_fails=2 fail_timeout=2s weight=2;
## server 10.194.1.108:8080 max_fails=2 fail_timeout=2s weight=2;
sticky;
ip_hash;
}
upstream example-org {
healthcheck_enabled;
healthcheck_delay 5000;
healthcheck_timeout 5000;
healthcheck_failcount 1;
server 10.194.1.107:8090 max_fails=2 fail_timeout=2s weight=2;
## server 10.194.1.108:8090 max_fails=2 fail_timeout=2s weight=2;
sticky;
ip_hash;
}
gzip on;
server {
listen 10.194.100.50:80;
server_name example.de www.example.de;
rewrite ^ http://www.testing.de permanent;
}
server {
ssl on;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL;
listen 10.194.100.50:443 ssl;
ssl_certificate ssl/nginx-test.crt;
ssl_certificate_key ssl/nginx-test.key;
keepalive_timeout 60;
server_tokens off;
proxy_intercept_errors on;
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}
if ($http_user_agent ~* LWP::Simple|BBBike|wget) {
return 403;
}
if ( $http_referer ~*
(babes|forsale|girl|jewelry|love|nudit|organic|poker|porn|sex|teen) ) {
return 403;
}
server_name example-org;
location /example-org {
proxy_pass http://example-org;
error_page 400 401 404 408 502 503 504 /error/error.html;
}
server_name example-online;
location /example-online {
proxy_pass http://example-online;
error_page 400 401 404 408 502 503 504 /error/error.html;
}
location /error {
root /var/www;
}
location / {
root /var/www/error;
index error.html;
}
}
}
###########################

Posted at Nginx Forum: