AWS load balancer, nginx, and Tomcat configuration help

I’ve been reviewing various web pages about and mailing list references,
and am hoping for a canonical answer.

I’ve got a customized Tomcat configuration in AWS, and need to load
balance multiple instances on each host of a load-balanced pool in AWS
for a testable configuration. I’m using the AWS ELB load balancers in
front of all the AWS hosts, and just started running nginx 1.6.2 with
the relevant realip module compiled in to spread the load even further
among multiple tomcat instances on each host.

Can anyone confirm for that that they have AWS based hosts with the ELB
load balancer in front, and nginx and tomcat doing correctly recording
the connecting IP address in the tomcat logs? Or can point out issues
with this configuration? I’m concerned that I’ve missed something needed
in the Tomcat configuration. That was apparently working well with just
the ELB load balancer in place.

http {

standard nginx settings left out left out of email

Recommended AWS settings from various Google documents

real_ip_header X-Forwarded-For;
real_ip_recursive on;

Recommended values, the remote IP addresses are showing up in

log_format main '$remote_addr - $remote_user [$time_local]
“$request” ’
'$status $body_bytes_sent “$http_referer” ’
‘“$http_user_agent” “$http_x_forwarded_for”’;

server {
listen 80 default_server;
server_name _;
location / {
proxy_pass http://tomcat_servers;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

  # nginx package standard values
  error_page  404 /404.html;
  location = /404.html {
      root   /usr/share/nginx/html;
  # redirect server error pages to the static page /50x.html
  error_page 500 502 503 504  /50x.html;
  location = /50x.html {
      root   /usr/share/nginx/html;


HTTPS not currently used

Local tomcat instances

upstream tomcat_servers {

Nico Kadel-Garcia
Lead DevOps Engineer
[email protected]mailto:[email protected]