server { root {{ portal_web_root }}; index index.html; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_types text/javascript text/css application/x-javascript application/javascript application/json image/svg+xml; gzip_vary on; gzip_proxied any; server_name {{ ansible_fqdn }}; location / { auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } # HUE is a real mess {% if hue_servers is defined %} {% for host in groups['hue_servers'] %} location /jobbrowser { proxy_pass http://{{ host }}:{{ hue_http_port }}/jobbrowser; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "nginx"; } location /accounts { proxy_pass http://{{ host }}:{{ hue_http_port }}/accounts; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /beeswax { proxy_pass http://{{ host }}:{{ hue_http_port }}/beeswax; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /oozie { proxy_pass http://{{ host }}:{{ hue_http_port }}/oozie; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /help { proxy_pass http://{{ host }}:{{ hue_http_port }}/help; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /static { proxy_pass http://{{ host }}:{{ hue_http_port }}/static; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /jobsub { proxy_pass http://{{ host }}:{{ hue_http_port }}/jobsub; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /shell { proxy_pass http://{{ host }}:{{ hue_http_port }}/shell; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /useradmin { proxy_pass http://{{ host }}:{{ hue_http_port }}/useradmin; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } location /filebrowser { proxy_pass http://{{ host }}:{{ hue_http_port }}/filebrowser; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Access"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; } {% endfor %} {% endif %} } # HUE {% for host in groups['hue'] %} server { listen {{ hostvars[host]['hue_http'] }}; location / { proxy_pass http://{{ host }}:{{ hue_http_port }}; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # Jobtracker HA masters {% for host in groups['jt_masters'] %} server { listen {{ hostvars[host]['jt_http'] }}; location / { proxy_pass http://{{ host }}:{{ jobtracker_cluster_id1_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # Map/Reduce tasktrackers {% for host in groups['hadoop_worker_nodes'] %} server { listen {{ hostvars[host]['mapred_http'] }}; location / { proxy_pass http://{{ host }}:{{ mapred_tasktracker_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # HDFS masters {% for host in groups['hdfs_masters'] %} server { listen {{ hostvars[host]['hdfs_m_http'] }}; location / { proxy_pass http://{{ host }}:{{ hdfs_nn_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # HDFS datanodes {% for host in groups['hadoop_worker_nodes'] %} server { listen {{ hostvars[host]['hdfs_http'] }}; location / { proxy_pass http://{{ host }}:{{ hdfs_datanode_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # HBASE masters {% for host in groups['hbase_masters'] %} server { listen {{ hostvars[host]['hbase_m_http'] }}; location / { proxy_pass http://{{ host }}:{{ hbase_master_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # HBASE regionservers {% for host in groups['hadoop_worker_nodes'] %} server { listen {{ hostvars[host]['hbase_http'] }}; location / { proxy_pass http://{{ host }}:{{ hbase_regionserver_http_port }}/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_pam "NeMIS Hadoop Cluster Access"; auth_pam_service_name "{{ portal_pam_svc_name }}"; } } {% endfor %} # Logstash # -- NB: that doesn't work, kibana keeps searching the elasticsearch instance as jobtracker.t.hadoop. #{% for host in groups['logstash'] %} #server { # listen {{ hostvars[host]['log_http'] }}; # location / { # proxy_pass http://{{ host }}/; # proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; # proxy_redirect off; # proxy_buffering off; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # auth_pam "NeMIS Hadoop Cluster Logstash data"; # auth_pam_service_name "{{ portal_pam_svc_name }}"; # } #} #{% endfor %}