Skip to content

proxy

Jump to bottom
Dilshat edited this page Jan 10, 2019 · 11 revisions

Proxy

Allows to create a reverse proxy on RH exposing a port to outside. The binding uses NGINX web server to proxy the traffic. It supports http/https/tcp/udp protocols.

usage: subutai proxy <command> [<args> ...]

Options:

  proxy create --protocol=PROTOCOL --port=PORT --tag=TAG [<flags>]
    Create proxy

  proxy list [<flags>]
    List proxies

  proxy remove --tag=TAG
    Remove proxy

  proxy server add --tag=TAG --server=SERVER
    Add proxied server

  proxy server remove --tag=TAG --server=SERVER
    Remove proxied server

  proxy server list --tag=TAG
    List servers for proxy

Example:

subutai proxy create -t https-test.com-443 -p https -e 443 -n test.com -c /path/to/cert

subutai proxy srv add -t https-test.com-443 -s 172.1.2.3:4567

Parameters

  • Parameter --protocol sets the protocol for the proxy and can be one of the following: http/https/tcp/udp
  • Parameter --balancing sets local balancing strategy for distributing requests to proxied servers. It allows to set the following policies: rr (which means round robin), sticky (sticks client IP to an upstream server) and lcon (routes request to server with least connections)
  • Parameter --port sets port on which proxy will receive requests and pass to proxied (upstream) servers. Port will listen on all interfaces i.e. 0.0.0.0:{port}
  • Parameter --tag is a unique name for the proxy. It allows further manipulation with the proxy by passing it to other subutai proxy subcommands. It is an arbitrary string, for example, https-my-domain-80 or just my-awesome-proxy, the only requirement is that it must be unique on the RH.

http/https protocols specific parameters:

  • Parameter --domain is mandatory
  • if --certificate is passed, it must contain a x509 certificate and private key together in PEM format. If --certificate is missing, Subutai will attempt to obtain Lets Encrypt certificate for the specified domain
  • Parameter --redirect attempts to redirect traffic on port http/80 to https/{specified-port}, if port 80 is available for this domain
  • Parameter --sslbackend designates that proxied (upstream) server(s) serve https traffic.
  • Parameter --http2 used to enable http2 protocol

srv subcommand parameters:

  • Parameter --server is the proxied upstream server in form ip:port, for example, 172.1.2.3:4567

Subutai Agent Workflow

Resource Host Discovery Requirements

Service Discovery

Live Migration

Ansible Module

Troubleshooting

Port Mappings

Maintenance

How to collect logs
How to add additional RH to peer

CLI

attach
batch
cdn
cleanup
clone
config
daemon
destroy
export
hostname
import
info
list
map
metrics
proxy
quota
snapshot
start
stop
tunnel
update
vxlan

REST API

Private REST API
Auto generated REST API Documentation

Uncategorized
Clone this wiki locally