Zenoss over SSL with Nginx reverse proxy.

Zenoss is an enterprise infrastructure monitoring tool that can give in real time the big picture of networks, applications, hardware performances and issues running from a small business to a cloud service. While using it I found the lack of a decent SSL support running out off the box, in order to overcome this issue I decided to use Nginx as reverse proxy server to handle and deliver Zenoss with the SSL support. For this example I’m using Zenoss a debian Native Stack installed on Ubuntu server 10.04

Zenoss download:

http://community.zenoss.org/docs/DOC-3240?noregister

Preparing zenoss:

You need to locate the file zope.conf, which in this case is locate into /usr/local/zenoss/zenoss/etc/zope.conf , and find the line that contains “# ip-address 127.0.0.1″ and uncomment it as follows.

# ip-address 127.0.0.1

to

ip-address 127.0.0.1

After you are saved the zope.conf file you need to restart the Zope server as zenoss user.

su – zenoss

zopectl restart

Nginx

You need to install Nginx and the openssl utilities, create an ssl directory to store the certificates and create the certificates.


apt-get install nginx openssl

mkdir /etc/nginx/ssl

cd /etc/nginx/ssl

openssl req -new -x509 -days 365 -nodes -out zenoss.pem -keyout zenoss.key

zenoss.key zenoss.pem

rm /etc/nginx/sites-enabled/default

touch /etc/nginx/sites-enabled/default


server {
    listen 443 default ssl;
    server_name myserver;

      ssl on;
      ssl_certificate      /etc/nginx/ssl/zenoss.pem;
      ssl_certificate_key  /etc/nginx/ssl/zenoss.key;

location / {
        rewrite ^(.*)$ /VirtualHostBase/https/serveripaddress:443$1 break;
        proxy_pass http://127.0.0.1:8080;
    }
}

Restart Nginx before the login.

/etc/init.d/nginx restart

Restarting nginx: nginx.

At this point everything should work smoothly, now you can test your new Zenoss over SSL pointing the browser to https://serveripaddress

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>