Sending basic auth to "backend" servers

Hey everyone

I’m trying to achieve something a little unique (have read a LOT of
documentation and posts)

I want to use ngnix as a LB to a handful of squid servers I have to
distribute http requests on a round robin basis.

Each squid web server in the “backend” accepts a unique username and
password.

Would anyone be able to point me in the right direction config wise on
how
to define a unique user/pass for each server in the load balanced pool?

Many thanks
JR

Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,267156,267156#msg-267156

Hello!

On Wed, May 25, 2016 at 04:02:46PM -0400, jrhodes wrote:

Would anyone be able to point me in the right direction config wise on how
to define a unique user/pass for each server in the load balanced pool?

Normal logic of load balancing in nginx assumes the same request can
be sent to multiple backend servers, and therefore it won’t work
for you - as you need to construct unique request to each backend,
with it’s own Authorization header.

To do what you want you may try distributing requests “by hand”,
e.g., using the split_clients module:

split_client $remote_addr $backend {
    50% backend1.example.com;
    *   backend2.example.com;
}

map $backend $backend_auth {
    backend1.example.com QWxhZGRpbjpvcGVuIHNlc2FtZQ==;
    backend2.example.com QWxhZGRpbjpvcGVuIHNlc2FtZQ==;
}

server {
    ...

    location / {
        proxy_pass http://$backend;
        proxy_set_header Authorization "Basic $backend_auth";
    }
}

More information can be found in the documentation here:

http://nginx.org/en/docs/http/ngx_http_split_clients_module.html
http://nginx.org/en/docs/http/ngx_http_map_module.html
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass


Maxim D.
http://nginx.org/

Maxim, thanks so much. I’ll read those parts!

Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,267156,267184#msg-267184

Just one follow up question after some testing. Is there a way to split
on a
per request basis?

So say 10 backend servers each with unique authorisation headers set up,
then have each single incoming request RR to each:

Incoming http request 1 -> backend1
Incoming http request 2 -> backend2
Incoming http request 3 -> backend3

And so on…

Thanks!
JR

Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,267156,267197#msg-267197

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs