Nginx Configuration For HA Setup


I’ve noticed than inside the Rancher HA with Nginx documentation its mentioned to use the stream module of nginx. this module force to have a dedicated ip:port pair …

I’ve done some test using the web sockets feature of nginx… And everything seems to work well… since the only port bind with the rancher container are 80 and 443… it look like rancher only use websocket(wss) and standard http/https… (wrong?) …

The advantage of using web sockets feature make configuration simpler and no need of special module…

Did someone see issue of the kind of config? Is there a reason why stream module is the only option in the documentation?

here the config i’m currently testing:

upstream ranchernodes {
    server max_fails=3 fail_timeout=5s;
    server max_fails=3 fail_timeout=5s;
    server backup;
server {
    listen          443 ssl http2;
    client_max_body_size 20m;
    ssl_certificate "/etc/pki/nginx/WildCard.pkcs1.crt";
    ssl_certificate_key "/etc/pki/nginx/private/WildCard.pkcs1.key";
    access_log      /var/log/nginx/ main;

    location / {
            proxy_pass https://ranchernodes;
            proxy_set_header Host            "";
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_read_timeout 900;