Nginx + SSL + Rails + Juggernaut(Node.js)+ Engineyard
[英]Nginx + SSL + Rails + Juggernaut (Node.js) + Engineyard
问题描述
I have two different applications on the same server. 
我在同一台服务器上有两个不同的应用程序。 One of them is running on the 80 port (mydomain.com), another on the port 443 (sub.mydomain.com) and has wildcard certificate. 其中一个在80端口(mydomain.com)上运行,另一个在443端口(sub.mydomain.com)上运行,并具有通配符证书。
The first application is only for information purposes and don't need websockets support. 第一个应用程序仅用于提供信息,不需要websockets支持。 The second application should have secure websockets support (wss protocol). 第二个应用程序应具有安全的websockets支持(wss协议)。
I tried to set up juggernaut gem (for websockets) for my rails app with nginx server on the engineyard cloud, but i have one problem. 我试图在Engineyard Cloud上使用Nginx服务器为Rails应用设置剑圣宝石(用于websocket),但是我遇到了一个问题。 Engineyard cloud provide only two opened ports: 80 and 443. I know that nginx do not fully support http 1.1 reverse proxing, so i can't use proxing from nginx for redirects websockets requests to the specific local port (in my case this port is 8080). Engineyard云仅提供两个打开的端口:80和443。我知道nginx不完全支持http 1.1反向proxing,所以我不能使用nginx的proxing将websockets请求重定向到特定的本地端口(在我的情况下,该端口是8080)。
I tried use HAProxy and it's work for me when i use only unsecure websockets, but i need to support secure websockets. 我尝试使用HAProxy,当我仅使用不安全的websocket时,它对我有用,但是我需要支持安全的websocket。 As i know in this case i should use something like STunnel for tunneling my https request and than use HAProxy, but when i test it - i saw that the server has to work several times slower and i still did not work to use the secure socket connection :( 据我所知,在这种情况下,我应该使用诸如STunnel之类的东西来传送我的https请求而不是使用HAProxy,但是当我对其进行测试时-我发现服务器的工作速度必须慢上几倍,而我仍然无法使用安全套接字连接:(
Maybe I'm doing something wrong? 也许我做错了什么? Maybe someone will tell how to set up nginx for multiple applications (one of them should work via https) and secure websockets using only two ports (80 and 443). 也许有人会告诉您如何为多个应用程序设置nginx(其中一个应通过https运行)并仅使用两个端口(80和443)保护websocket的安全。
ps Also i used a node-http-proxy, in this case i was able to set up proxy for different nginx applications but i do not get run websockets (happened only for "handshake" via nginx, not for "switching protocols") ps另外,我使用了node-http-proxy,在这种情况下,我能够为不同的nginx应用程序设置代理,但是我无法运行websocket(仅通过nginx发生在“握手”中,而不是在“交换协议”中发生)
1 个解决方案
解决方案1
0 2012-03-21 20:08:14
I did some research on the various reverse proxies and websockets not too long ago. 不久前,我对各种反向代理和Websocket进行了一些研究。 The bottom line is that websockets is new, and the reverse proxy support for it is very poor right now. 最重要的是,websockets是新的,并且反向代理对它的支持现在很差。
The recommendation I saw and I agree with is that you should run your websockets on a different stack than the rest of your items. 我看到并同意的建议是,与其他项目相比,您应该在不同的堆栈上运行websocket。 That usually means putting it on a separate domain or subdomain. 这通常意味着将其放在单独的域或子域中。
You still have to deal with the complexities of getting the reverse proxies working, but it will be less complicated if you don't have to worry about breaking the other stuff. 您仍然必须处理使反向代理正常工作的复杂性,但是如果您不必担心破坏其他内容,它将变得不那么复杂。
Also, I agree that maybe you'll get better answers at serverfault or superuser. 另外,我同意,也许您会在serverfault或超级用户那里得到更好的答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.