[英]Nginx reverse proxy not working with dynamic proxy_pass
I am attempting to use an nginx reverse proxy to proxy up to the AWS API and am hitting an issue where if I statically define the upstream server, it works perfectly, but if I attempt to generate it dynamically it throws a 502 Bad Gateway error. 我正在尝试使用nginx反向代理来代理AWS API,并遇到一个问题,即如果我静态定义上游服务器,它会完美运行,但是如果我尝试动态生成它,则会引发502 Bad Gateway错误。 I am unsure how to fix this issue.
我不确定如何解决此问题。
/etc/nginx/nginx.conf /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
##
# Logging
##
log_format upstreamlog '[$time_local] $host $remote_addr - $remote_user - $server_name to: $upstream_addr ($upstream_http_name): $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/default / etc / nginx / sites-enabled / default
server {
listen 80;
server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com (.*)\.colinaws\.com;
access_log /var/log/nginx/proxy.log upstreamlog;
location / {
if ($host ~* (.*)\.colinaws\.com) {
proxy_pass http://$1.amazonaws.com;
}
if ($host ~* (.*)\.(.*)\.colinaws\.com) {
proxy_pass http://$1.$2.amazonaws.com;
}
if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
proxy_pass http://$1.$2.amazonaws.com;
}
proxy_set_header Host $host;
proxy_pass_header Authorization;
proxy_pass_header X-Amz-Target;
proxy_pass_header X-Amz-Date;
proxy_pass_header User-Agent;
proxy_pass_header Content-Type;
proxy_pass_header Content-Length;
proxy_pass_header Accept-Encoding;
}
}
In the above configuration it does not work, but if I go ahead and statically define the proxy_pass
as an AWS endpoint (say http://dynamodb.us-west-2.amazonaws.com ) it works perfectly. 在上述配置中,它不起作用,但是如果我继续将
proxy_pass
静态定义为AWS终端节点(例如, http://dynamodb.us-west-2.amazonaws.com ),则它可以正常工作。
The issue here was that proxy_pass
was not set to a standalone variable and there was no resolver
flag set. 这里的问题是没有将
proxy_pass
设置为独立变量,也没有设置resolver
标志。 The addition of both of these items forces nginx to re-resolve the URL every passthrough instead of caching the IP address on the onset. 这两项的共同作用迫使nginx每次传递都要重新解析URL,而不是在开始时就缓存IP地址。 My final (stable) configuration looks like this:
我的最终(稳定)配置如下所示:
server {
# Listen on port 80, this will be updated to port 443 once ssl is enabled
listen 80;
# Server names should map to incoming requests so we can regex process out the service and
# region later
server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com;
# Log the incoming information for debug purposes. The formatter 'upstreamlog' can be found in
# the config root at /etc/nginx/nginx.conf
#access_log /var/log/nginx/proxy.log upstreamlog;
# Need to have a DNS server to resolve the FQDNs provided to proxy_pass
resolver 8.8.8.8;
# Parse the incoming FQDN and determine the upstream server
if ($host ~* (.*)\.(.*)\.colinaws\.com) {
set $upstream http://$1.amazonaws.com;
}
if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
set $upstream http://$1.$2.amazonaws.com;
}
# Proxy the request upstream
location / {
proxy_pass $upstream;
proxy_set_header Host $host;
proxy_pass_header Authorization;
proxy_pass_header X-Amz-Target;
proxy_pass_header X-Amz-Date;
proxy_pass_header User-Agent;
proxy_pass_header Content-Type;
proxy_pass_header Content-Length;
proxy_pass_header Accept-Encoding;
}
}
You need to use 您需要使用
server {
listen 80;
server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com (.*)\.colinaws\.com;
access_log /var/log/nginx/proxy.log upstreamlog;
location / {
if ($host ~* (.*)\.colinaws\.com) {
proxy_pass http://$1.amazonaws.com$request_uri$is_args$args;
}
if ($host ~* (.*)\.(.*)\.colinaws\.com) {
proxy_pass http://$1.$2.amazonaws.com$request_uri$is_args$args;
}
if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
proxy_pass http://$1.$2.amazonaws.com$request_uri$is_args$args;
}
proxy_set_header Host $host;
proxy_pass_header Authorization;
proxy_pass_header X-Amz-Target;
proxy_pass_header X-Amz-Date;
proxy_pass_header User-Agent;
proxy_pass_header Content-Type;
proxy_pass_header Content-Length;
proxy_pass_header Accept-Encoding;
}
}
When you use variables in proxy_pass
you need to provide complete uri and args also 在
proxy_pass
使用变量时,您还需要提供完整的uri和args
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.