Has anyone done this or have experience with it?
I am trying to configure SAS to work with AWS ELB and an NGINX reverse proxy. It is a three-zone architecture.
Presentation Zone: the ELB is in the Presentation Zone.
Application Zone: the reverse proxy (NGINX) is in the Application Zone.
Data Zone: the SAS servers reside in the Data Zone under the AWS VPC.
I am trying to connect SAS client applications installed on a local machine to the SAS compute servers through the ELB and the reverse proxy. I am already connected to AWS over VPN.
I'm pretty sure that EG (and thereby the client machine) needs to be able to directly resolve the DNS of the compute server it's connecting to, as per that server's DNS definition in SAS metadata. You won't be able to reverse proxy this with nginx; if you're running a single appserver setup you'd be able to forward the port itself (think it's 7551, not sure), but if you're loadbalancing across a number of application server nodes I doubt you'll be able to use ELB as the LB mechanism needs to be integrated with the object spawner & the target machine needs to be resolvable from the client.
Hope this makes sense. If you're after a bit of help doing this in AWS I'd give @shayes_ccllc a call.
Nik
Nik,
Thanks for your response. Each compute server has a dedicated ELB. The SAS compute servers are not configured for load balancing; they are independent instances. The ELB, however, is configured for load balancing the connections from SAS clients. The issue is that NGINX is not forwarding the traffic to all three servers and ports. It only allows 1 compute server and port combination in the proxy_pass value.
Unless I've misunderstood your question/description, you're looking at forwarding non-HTTP traffic though, right? From the EG clients to the Object Spawners, running on the Compute nodes?
What's the role of the reverse proxy, in addition to the ELB? What is it that you're trying to reverse-proxy? Can you post your nginx conf? You can't forward non http stuff with nginx unless you've built it with the stream core module. Where does your metadata server sit in this scenario, do you have a metadata server instance running on each of those compute nodes?
Nik,
See the answers below
Unless I've misunderstood your question/description, you're looking at forwarding non-HTTP traffic though, right? From the EG clients to the Object Spawners, running on the Compute nodes? - Yes
What's the role of the reverse proxy, in addition to the ELB? What is it that you're trying to reverse-proxy? Can you post your nginx conf? You can't forward non http stuff with nginx unless you've built it with the stream core module. Where does your metadata server sit in this scenario, do you have a metadata server instance running on each of those compute nodes?
What's the role of the reverse proxy, in addition to the ELB? - Forward the traffic to the SAS servers (sitting under the data zone). It is being used to make it a three-zone architecture.
What is it that you're trying to reverse-proxy? - SAS client requests to SAS servers.
You can't forward non http stuff with nginx unless you've built it with the stream core module. - NGINX is configured with the stream core module - see the snippet.
Where does your metadata server sit in this scenario - Under the data zone where all compute and midtier are residing.
do you have a metadata server instance running on each of those compute nodes? - No, there is a single metadata instance for three compute servers (independent - no GRID, no cluster), and a midtier.
nginx.conf

user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    #tcp_nopush on;
    keepalive_timeout 65;
    #gzip on;
    include /etc/nginx/conf.d/*.conf;
}

# TCP pass-through: each server block maps one listen port to one backend host:port
stream {
    server {
        listen 8561;
        proxy_pass XXXXXXXXXXX:8561;
    }
    #Middletier
    server {
        listen 8080;
        proxy_pass XXXXXXXXXXXXXXXX:8080;
    }
    server {
        listen 7980;
        proxy_pass 1XXXXXXXXXXX:7980;
    }
    #Compute1 Compute2 and Compute3
    server {
        listen 9432;
        proxy_pass XXXXXXXXXXXXXX:80;
    }
    server {
        listen 5451;
        proxy_pass 1XXXXXXXXXXXXXXX:5451;
    }
    server {
        listen 7541;
        proxy_pass XXXXXXXXXXXXXXXXX:7541;
    }
    # ... rest of the 122-line file not shown in the post
}
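An added example, not part of the original posts or the poster's configuration: in the `stream` context `proxy_pass` takes a single address or the name of one `upstream` group, and plain TCP has nothing like an HTTP Host header to route on, so independent backends each need their own listener. The hostnames, the subnet, the log path and the 7542/7543 listener ports are hypothetical, and clients are assumed to be pointed at the matching listener port.

```nginx
# Added example. Hostnames, CIDR, log path and listener ports 7542/7543 are hypothetical.
stream {
    # stream has its own log_format, separate from the http block; it records
    # which listener a client hit and which backend the connection went to.
    log_format tcp '$remote_addr [$time_local] $protocol :$server_port -> '
                   '$upstream_addr status=$status sent=$bytes_sent '
                   'rcvd=$bytes_received time=$session_time';
    access_log /var/log/nginx/stream-access.log tcp;

    # Independent compute servers: one listener per backend, told apart by port.
    server {
        listen 7541;
        allow 10.0.1.0/24;          # hypothetical presentation-zone (ELB) subnet
        deny  all;                  # everything else is refused at the proxy
        proxy_connect_timeout 5s;
        proxy_pass compute1.example.internal:7541;
    }
    server {
        listen 7542;
        allow 10.0.1.0/24;
        deny  all;
        proxy_connect_timeout 5s;
        proxy_pass compute2.example.internal:7541;
    }
    server {
        listen 7543;
        allow 10.0.1.0/24;
        deny  all;
        proxy_connect_timeout 5s;
        proxy_pass compute3.example.internal:7541;
    }

    # An upstream group lists several servers, but nginx picks one per
    # connection, so it only suits interchangeable backends.
    upstream midtier_pool {
        server midtier-a.example.internal:8080;
        server midtier-b.example.internal:8080;
    }
    server {
        listen 8080;
        allow 10.0.1.0/24;
        deny  all;
        proxy_pass midtier_pool;
    }
}
```

`nginx -t` validates the file before a reload; the stream access log then shows, per connection, the source address and the backend it was forwarded to.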
FYI -
We made good progress on this. However, certain services such as the operating system services, OLAP server, content server etc. are trying to connect through the hostname, and traffic is only allowed through the ELB and NGINX. If we modify their connection property within the SMC by replacing the hostname with the ELB name then it works, but I don't think that is a SAS-recommended way of configuring the environment.
Any comments?