280 lines
11 KiB
Django/Jinja
280 lines
11 KiB
Django/Jinja
server {
|
|
root {{ portal_web_root }};
|
|
index index.html;
|
|
|
|
gzip on;
|
|
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
|
|
gzip_types text/javascript text/css application/x-javascript application/javascript application/json image/svg+xml;
|
|
gzip_vary on;
|
|
gzip_proxied any;
|
|
|
|
server_name {{ ansible_fqdn }};
|
|
|
|
location / {
|
|
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
# HUE is a real mess
|
|
{% if hue_servers is defined %}
|
|
{% for host in groups['hue_servers'] %}
|
|
location /jobbrowser {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/jobbrowser;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "nginx";
|
|
}
|
|
location /accounts {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/accounts;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /beeswax {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/beeswax;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /oozie {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/oozie;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /help {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/help;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /static {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/static;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /jobsub {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/jobsub;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /shell {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/shell;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /useradmin {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/useradmin;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
location /filebrowser {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }}/filebrowser;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Access";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
# HUE
|
|
{% for host in groups['hue'] %}
|
|
server {
|
|
listen {{ hostvars[host]['hue_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ hue_http_port }};
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# Jobtracker HA masters
|
|
{% for host in groups['jt_masters'] %}
|
|
server {
|
|
listen {{ hostvars[host]['jt_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ jobtracker_cluster_id1_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# Map/Reduce tasktrackers
|
|
{% for host in groups['hadoop_worker_nodes'] %}
|
|
server {
|
|
listen {{ hostvars[host]['mapred_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ mapred_tasktracker_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# HDFS masters
|
|
{% for host in groups['hdfs_masters'] %}
|
|
server {
|
|
listen {{ hostvars[host]['hdfs_m_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ hdfs_nn_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# HDFS datanodes
|
|
{% for host in groups['hadoop_worker_nodes'] %}
|
|
server {
|
|
listen {{ hostvars[host]['hdfs_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ hdfs_datanode_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# HBASE masters
|
|
{% for host in groups['hbase_masters'] %}
|
|
server {
|
|
listen {{ hostvars[host]['hbase_m_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ hbase_master_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# HBASE regionservers
|
|
{% for host in groups['hadoop_worker_nodes'] %}
|
|
server {
|
|
listen {{ hostvars[host]['hbase_http'] }};
|
|
location / {
|
|
proxy_pass http://{{ host }}:{{ hbase_regionserver_http_port }}/;
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
auth_pam "NeMIS Hadoop Cluster Access";
|
|
auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
}
|
|
}
|
|
{% endfor %}
|
|
|
|
# Logstash
|
|
# -- NB: that doesn't work, kibana keeps searching the elasticsearch instance as jobtracker.t.hadoop.
|
|
#{% for host in groups['logstash'] %}
|
|
#server {
|
|
# listen {{ hostvars[host]['log_http'] }};
|
|
# location / {
|
|
# proxy_pass http://{{ host }}/;
|
|
# proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
|
|
# proxy_redirect off;
|
|
# proxy_buffering off;
|
|
# proxy_set_header Host $host;
|
|
# proxy_set_header X-Real-IP $remote_addr;
|
|
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# auth_pam "NeMIS Hadoop Cluster Logstash data";
|
|
# auth_pam_service_name "{{ portal_pam_svc_name }}";
|
|
# }
|
|
#}
|
|
#{% endfor %}
|