NLS Behind F5 LoadBalancer using https

[prhunixadmin]

Hello there,

I've configured 3 of our NLS Servers to sit behind 1 VIP address. We want to use only ssl connection to the NLS server via the Load Balancer. Using https breaks the NLS login page and there is no access to it.

Our workaround for now is to modify the config.php file in /var/www/html/nagioslogserver/application/config modifying the base url line to this.

Code: Select all

$config['base_url'] = 'https://prhsyslog.us.randomhouse.com/nagioslogserver';

It appears that only allowing https to the webserver breaks the http links on the home page and noone can login. So modifying the config.php gets things working sorta. It appears that everything works ok with the exception of the

Administration/System Status page. All the statuses show a spinning circle and stopping and starting the logstash or elasticsearch from this page is not possible.

How do i get all the pages to work without modifying the the base_url in the config.php file.

What is your recommendation to get a 3 Node NLS configuration behind a load balancer to only accept https connection and not break it?

Greg Cooper

[tmcdonald]

Not something we have officially documented, but this post explains how to get NLS 2.2 working with SSL: https://support.nagios.com/forum/viewto ... 38&t=34461

Give that a read through and let us know if that's what you are looking for.

[prhunixadmin]

OK. I followed your documentation and i am redirected from http to https. Connecting sucessfully to the main page. None of the links work and the dashboard is missing most of the data. Is there something to change to get the connection to the links on the page over https (443)?

[rkennedy]

None of the links work and the dashboard is missing most of the data. Is there something to change to get the connection to the links on the page over https (443)?

Can you post a screenshot of what you're seeing on the dashboard?

Also, when you mentioned the links aren't working - what is the error you are receiving after clicking one of them? Where are the links directing you to?

[prhunixadmin]

Attached it copy of main page for NLS. All dashlets are broken except for events over time. Spinning pinwheels everywhere else. No selections in the Global Queries,Global Dashboards etc.

Home_•_Nagios_Log_Server_-_2016-01-08_14.01.14.png

Any links goes to a 404 error. Clicking the Administration gets this error.

Not Found

The requested URL /nagioslogserver/admin was not found on this server.

[jolson]

Try following the steps listed in this document:
https://assets.nagios.com/downloads/nag ... Server.pdf

Specifically, I think that the 'Editing ssl.conf' step is what you're missing. Let us know if that helps!

[prhunixadmin]

Excellent that fixed my issue. Please close this one out. Your help is much appreciated.

[prhunixadmin]

One more thing. SSL is working great. But one lingering issue.

The system status page never updates information of logserver and elasticsearch. I think its trying to connect to the server to get the status over port 80 a non ssl connection.

I keep seeing this error in the apache logs.

Mon Jan 11 09:18:44.090624 2016] [ssl:error] [pid 43999] [client 10.104.83.2:32858] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:46.563682 2016] [ssl:error] [pid 44151] [client 10.104.83.3:54864] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:49.098259 2016] [ssl:error] [pid 43998] [client 10.104.83.2:32904] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:51.566231 2016] [ssl:error] [pid 44135] [client 10.104.83.3:54910] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:54.103882 2016] [ssl:error] [pid 44152] [client 10.104.83.2:32951] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:56.474363 2016] [ssl:error] [pid 43996] [client 10.104.83.3:54957] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:18:59.106814 2016] [ssl:error] [pid 44000] [client 10.104.83.2:32998] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:19:01.481345 2016] [ssl:error] [pid 44135] [client 10.104.83.3:55002] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:19:04.111425 2016] [ssl:error] [pid 44152] [client 10.104.83.2:33041] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:19:06.486665 2016] [ssl:error] [pid 43996] [client 10.104.83.3:55045] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required
[Mon Jan 11 09:19:09.118145 2016] [ssl:error] [pid 44000] [client 10.104.83.2:33086] AH02219: access to /var/www/html/nagioslogserver/www/index.php failed, reason: SSL connection required

Im attaching screen shot of the System Status page.

[rkennedy]

The developers have informed me that this is actually a bug. With that said, I have filed a bug report for this, ID 7439.

Did you need any further assistance with this?

[prhunixadmin]

Nope I can live with this. Hopefully its fixed by the next release. Thanks!