Configuring the reverse proxy - AWS Elastic Beanstalk

Configuring the reverse proxy

Elastic Beanstalk uses nginx as the reverse proxy to map your application to your Elastic Load Balancing load balancer on port 80. Elastic Beanstalk provides a default nginx configuration that you can either extend or override completely with your own configuration.

To extend Elastic Beanstalk's default nginx configuration, add .conf configuration files to a folder named .ebextensions/nginx/conf.d/ in your application source bundle. Elastic Beanstalk's nginx configuration includes .conf files in this folder automatically.

~/workspace/my-app/ |-- .ebextensions | `-- nginx | `-- conf.d | `-- myconf.conf `-- web.jar

To override Elastic Beanstalk's default nginx configuration completely, include a configuration in your source bundle at .ebextensions/nginx/nginx.conf:

~/workspace/my-app/ |-- .ebextensions | `-- nginx | `-- nginx.conf `-- web.jar

If you override Elastic Beanstalk's nginx configuration, add the following line to your nginx.conf to pull in Elastic Beanstalk's configurations for Enhanced health reporting and monitoring, automatic application mappings, and static files.

include conf.d/elasticbeanstalk/*.conf;

The following example configuration from the Scorekeep sample application overrides Elastic Beanstalk's default configuration to serve a static web application from the public subdirectory of /var/app/current, where the Java SE platform copies the application source code. The /api location forwards traffic to routes under /api/ to the Spring application listening on port 5000. All other traffic is served by the web app at the root path.

Example .ebextensions/nginx/nginx.conf

user nginx; error_log /var/log/nginx/error.log warn; pid /var/run/; worker_processes auto; worker_rlimit_nofile 33282; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; include conf.d/*.conf; map $http_upgrade $connection_upgrade { default "upgrade"; } server { listen 80 default_server; root /var/app/current/public; location / { } location /api { proxy_pass; proxy_http_version 1.1; proxy_set_header Connection $connection_upgrade; proxy_set_header Upgrade $http_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } access_log /var/log/nginx/access.log main; client_header_timeout 60; client_body_timeout 60; keepalive_timeout 60; gzip off; gzip_comp_level 4; # Include the Elastic Beanstalk generated locations include conf.d/elasticbeanstalk/01_static.conf; include conf.d/elasticbeanstalk/healthd.conf; } }
AWS Elastic Beanstalk support for Amazon Linux 2 is in beta release and is subject to change.

All Amazon Linux 2 platforms support a uniform proxy configuration feature. For the new Amazon Corretto platform versions running Amazon Linux 2, expand the Reverse Proxy Configuration section in Extending Elastic Beanstalk Linux platforms.