Redirect agent links in the web GUI to common reverse proxy

Question

Redirect agent links in the web GUI to common reverse proxy

Closed this issue 4 years ago · 6 comments

I would like to have the agent pointing links in the web GUI point to a reverse proxy, so that I can look at the job logs without having to tunnel inside the agents cluster. Is that actually possible?

Answer 1 · 2020-09-29T17:04:38.000Z

If you're using the Thermos Executor + Thermos Observer, you should be able to see the logs in Aurora's web UI. If you use your own custom executor, you could do something like what Thermos Observer does which is spin up a server at each Mesos Agent to serve a sandbox file browser (among other things).

Answer 2 · 2020-09-29T22:03:28.000Z

yes, I see the logs, but the urls the main page links to is the absolute URL of the observer e.g. myhost.mydomain:1234 . I would like to have myfrontend.mydomain/myhost/ so that I can reverse proxt it. Is it actually possible?

Answer 3 · 2020-09-29T23:10:15.000Z

Hmm, I think I might need more clarification on the ask here:

Do you want to be able to hit an endpoint (e.g. myfrontend.mydomain/myhost/) that reverse proxies to a server running a specific set of tasks? (For example, a set of servers serving a web page) If so it seems like https://github.com/aurora-scheduler/aurproxy might be of interest.

Or do you want to hit the reverse proxy and be able to get to task running on the Mesos cluster?
If so, a good starting point would be here https://aurora-scheduler.readthedocs.io/en/latest/features/service-discovery/

Feel free to hop on our slack channel #aurora on https://mesos.slack.com (you can request an invite through https://mesos-slackin.herokuapp.com)

Answer 4 · 2020-10-05T17:44:03.000Z

Since I haven't heard back in a few days, I'm gonna go ahead and close this. Please feel free to continue the discussion if you still have any questions.

Answer 5 · 2020-10-05T18:39:52.000Z

Hi, sorry for the late reply. I missed your response. I think I do not want to do either one.

What I want to do is to go on the aurora scheduler page, e.g.:

https://myscheduler.domain/scheduler/myRole/prod/myJob

click on the link with the agent hostname for one of the tasks, which currently points to http://myagent.domain:1338/task/myRole-devel-myJob-0-7fc04216-a7b3-4dd6-b54d-d13728654d40, and be redirected to a reverse proxy, rather than the actual agent. My problem is that all the agents are actually behind a firewall, and I cannot simply be redirected to the thermos_observer hostname+port.

Answer 6 · 2020-10-05T19:30:56.000Z

Ah, okay that makes a lot of sense.

Unfortunately Aurora does not natively support this and I'm not sure I've seen such a project be open sourced. Theoretically it could be done by sitting a reverse proxy and using the service discovery I mentioned above to figure out which Mesos agent is running the shard you're looking for (along with the path built from the key provided) but this is something that'll have to be built outside of Aurora.