Issues related to load balancers

When running behind load balancers/reverse proxies you may see failed connection errors with CircleCI. This is due to CircleCI never receiving the HTTPS url that is handled by the load balancer. A common pattern for this configuration is:

(User) --HTTPS--> (Load Balancer ) --HTTP--> (CircleCI)

Errors that you may see are:

1. GitHub authentication errors: 

error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fenterprise%2F2.11%2Fv3%2Foauth%2F%23redirect-uri-mismatch

You can use the system variable CIRCLE_URL to define a HTTPS url:

  1. Find the hostname CircleCI is exposed on, must match that defined in :8800/settings
  2. Edit customizations file on Services node sudo vi /etc/circle-installation-customizations
  3. Add full path to host including HTTPS prefix, i.e export CIRCLE_URL="https://circle.example.com"
  4. Restart services via replicated console.

 

2. The front-end does not update automatically:

pusher-94f425ff3b262f615972fa7cdfed368b.min.js:72 WebSocket connection to 'wss://circleci.org.net/app/circle?protocol=7&client=js&version=2.2.4&flash=false' failed: Error during WebSocket handshake: Unexpected response code: 404

To resolve this add an SSL certificate between the ELB and the services box, connecting port 443 to port 443. Usually the ELB is trying to connect to port 80 on the Services client, instead of 443. 

 

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.