Question with using Airflow with HTTPS #373
Comments
|
From the creator of flask: |
|
I'm fine adding whatever hook you need for this to work, I'm just ensure on what the hook is... Something on the Tornado configuration around here? |
|
It seems that problem is this line, where it asks for a redirect but dropps the HTTPS-scheme and tries a redirect to HTTP-page that causes the ELB not to function, as it works only HTTPS-connections.
|
|
I did some work on this and it comes down to the url scheme in flask. If you can redirect to that and your whatever you're using to proxy requests ELB in this case uses This gist (https://gist.github.com/neovintage/d93baefc7f623a8f599f) is a plugin that you can add to your installation to add SSL support. Ideally, this should really be merged into master and a config option added. We don't want passwords and things flying over the wire in plain text. If @mistercrunch thinks it's worthwhile, I can create a pull request instead of this being a plugin. We can prob close this issue out too. |
|
Thanks! This worked like a charm. All we had to do is to drop that py-file into plugins folder! Great! B.R., From: Rimas Silkaitis [mailto:[email protected]] I did some work on this and it comes down to the url scheme in flask. If you can redirect to that and your whatever you're using to proxy requests ELB in this case uses X-Forwarded-Proto in the headers, then this is fixable. This gist (https://gist.github.com/neovintage/d93baefc7f623a8f599f) is a plugin that you can add to your installation to add SSL support. Ideally, this should really be merged into master and a config option added. We don't want passwords and things flying over the wire in plain text. If @mistercrunchhttps://github.com/mistercrunch thinks it's worthwhile, I can create a pull request instead of this being a plugin. We can prob close this issue out too. — |
|
In some release this was (or the ssl_everywhere plugin) were broken and we didn't want to path the gunicorn starting starting string, so we changed from ELB SSL termination to Nginx termination |
* [AIRBNB][DI-3845] Build smart sensor operator * [DI-3845][addendum]Support infra retry in smart sensor (apache#372) * [DI-3845][addendum]Group distributed task log by host (apache#373) * [DI-3845][addendum]Set the end_of_log only logs on all hosts end (apache#381) Set end_of_log when logs from all know hosts have been fully loaded or es query has lasted for 5 mins. This is to fix the issue that sometime a second worker can pick up a running task and exit after checking dependency. Checking only the end of log mark for a host with later timestamp may violate the loading of real running worker. * [DI-3845][addendum]Fix UI empty log return (apache#383) * [DI-3845][addendum]Raise infra failure without retry for smart sensor (apache#384) * [DI-3845][addendum]Add query infor for exception log (apache#387) Apply Black formatting Apply Black formatting
Hi,
Currently we use an AWS ELB to expose Airflow's Web UI to our users. The problem is that when they the URL directly https://airflow.domain.fi/ Airflow tries to execute a redirect to http://airflow.domain.fi/admin, dropping the HTTPS scheme. We discovered that flask supports setting the default scheme (http://stackoverflow.com/questions/14810795/flask-url-for-generating-http-url-instead-of-https) but where do we put the config value for airflow to pick it up? We tried airflow.cfg but it didn't work.
All help is much appreciated,
B.R.,
Mikko Kivistö
The text was updated successfully, but these errors were encountered: