Hi Dilusha please refer to the above mail I have mistakenly sent to Sashika
Regards On Wed, Dec 6, 2017 at 9:52 AM, Dushantha Batuwita <[email protected]> wrote: > Hi Dilusha > > I hope you have coded the nginx related configuration in the document > correctly. There the pitfall is the port setup please check if the ports > are assigned correctly, further you need to handle the HTTP / HTTPS request > to the nginx. Those configurations are handled by “am.http.conf” and > “am.https.conf” files located at /etc/nginx/conf.d/<file_name>. > > I suppose your setup is established on the local machine since you have > not specifically mentioned it. > > Further, I expect you have followed the document from top to bottom and > below are places to double check. > > /etc/nginx/conf.d/am.http.conf > > upstream wso2.am.com { > > server <localhost>:9763 +{portoffset_of_GateWayWorker}; > > server <localhost>:9763 +{portoffset_of_GateWayManager}; > > # this is because your manager is also a Gateway worker > > } > > server ; > > listen 80; > > server_name am.wso2.com; > > location / { > > proxy_set_header X-Forwarded-Host $host; > > proxy_set_header X-Forwarded-Server $host; > > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > > proxy_set_header Host $http_host; > > proxy_read_timeout 5m; > > proxy_send_timeout 5m; > > proxy_pass http://wso2.am.com; > > } > > } > > /etc/nginx/conf.d/am.https.conf > > upstream ssl.wso2.am.com { > > server <localhost>:9443+{portoffset_of_GateWayWorker}; > > server <localhost>:9443 + {portoffset_of_GateWayManager}; > > } > > server { > > listen 443; > > server_name am.wso2.com; > > ssl on; > > ssl_certificate /etc/nginx/ssl/server.crt; > > ssl_certificate_key /etc/nginx/ssl/server.key; > > location / { > > proxy_set_header X-Forwarded-Host $host; > > proxy_set_header X-Forwarded-Server $host; > > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > > proxy_set_header Host $http_host; > > proxy_read_timeout 5m; > > proxy_send_timeout 5m; > > proxy_pass https://ssl.wso2.am.com; > > } > > } > > /etc/nginx/conf.d/mgt.am.https.conf > > server { > > listen 443; > > server_name mgt.am.wso2.com; > > ssl on; > > ssl_certificate /etc/nginx/ssl/server.crt; > > ssl_certificate_key /etc/nginx/ssl/server.key; > > location / { > > proxy_set_header X-Forwarded-Host $host; > > proxy_set_header X-Forwarded-Server $host; > > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > > proxy_set_header Host $http_host; > > proxy_read_timeout 5m; > > proxy_send_timeout 5m; > > proxy_pass https://<localhost>:9443 +{portoffset_of_ > GateWayManager}; > > } > > error_log /var/log/nginx/mgt-error.log ; > > access_log /var/log/nginx/mgt-access.log; > > } > > Server.crt and server.key are the SSL certificate and the key you have to > create by following the exact instruction given in the document you have > mentioned and please be aware of the location you have to copy the over to. > > Then the next critical part is the configuring the Gateway manager section > > There the configuring axis2.xml is worth paying attention. > > ( I have noted the sections where you might go wrong and hope other > sections of the context have been straight forward ) > > d. Specify the host used to communicate cluster messages. This is the IP > of the Gateway manager node. > > <parameter name="localMemberHost">localhost</parameter> > > F. section asks to set up the parameters > > <parameter name="properties"> > > <!--<property name="backendServerURL" value="https:// > ${hostName}:${httpsPort}/services/"/> > > <property name="mgtConsoleURL" value="https:// > ${hostName}:${httpsPort}/"/> --> > > <property name="backendServerURL" value="am.wso2.com"/> > > <!-- backend server url is what exposes to the Gate way worker nodes and > it should be the name of the Load balancer fronting the workers --> > > <property name="mgtConsoleURL" value="https:// > ${hostName}:${httpsPort}/"/> > > <!-- mgtConsoleURL should be the Gateway mangers url as we are accessing > through the gateway managers console --> > > <property name="subDomain" value="worker"/> > > </parameter> > > > Configuring the Configuring the carbon.xml file of the Gateway Manager > > The given ports should be kept as it’s they are automatically adjusted > > <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" > > port="9763" > > proxyPort="80" > > -------- > > /> > > <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" > > port="9443" > > proxyPort="443" > > -------- > > /> > > Rest of the configuration I suppose straightforward till the configuration > of Gateway worker. > But if you have any queries you can raise it as always. If you get the > idea of the above setting then configuring Gateway worker is also somewhat > similar. > Hope this would help you to set up the Gateway cluster. > Regards > > On Wed, Dec 6, 2017 at 8:37 AM, Sashika Wijesinghe <[email protected]> > wrote: > >> Hi Dilusha, >> >> Make sure to import the SSL certificate into the client-truststore.jks of >> gateway nodes. >> >> For example: keytool -import -trustcacerts -alias server -file server.crt >> -keystore client-truststore.jks >> >> Regards, >> Sashika >> >> >> >> On Tue, Dec 5, 2017 at 11:31 PM, Pubudu Gunatilaka <[email protected]> >> wrote: >> >>> Hi Dilusha, >>> >>> Configure the cluster between gateway nodes according to the guide. If >>> you start both gateway nodes, you should see 'Member joined' message in one >>> of the gateway nodes. >>> >>> Actually, you need to configure pass-through transports in the gateway >>> for nginx. The ports are 8280 and 8243. We will update the docs. >>> >>> As you have one manager node, it is not mandatory to configure servlet >>> ports for gateway nodes. >>> >>> Thank you! >>> -- >>> *Pubudu Gunatilaka* >>> Committer and PMC Member - Apache Stratos >>> Senior Software Engineer >>> WSO2, Inc.: http://wso2.com >>> mobile : +94774078049 <%2B94772207163> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Sashika WijesingheSoftware Engineer - QA Team* >> Mobile : +94 (0) 774537487 >> [email protected] >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > *Dushantha Nayanajith Chandima Batuwita* > Software Engineer Support | WSO2 > [email protected] > mobile : 0094777453010 > -- *Dushantha Nayanajith Chandima Batuwita* Software Engineer Support | WSO2 [email protected] mobile : 0094777453010
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
