在 lxc 容器内由 PM2 管理的 NodeJS 服务器的 502 错误网关
[英]502 Bad Gateway for NodeJS server managed by PM2 inside a lxc container
问题描述
I have a digital ocean droplet running Ubuntu 18.04 and inside is is an lxc container.
我有一个运行 Ubuntu 18.04 的数字海洋水滴,里面是一个 lxc 容器。 I have two applications in that container.我在那个容器中有两个应用程序。
The first application (a client) lives at /var/www/html and the second one is the NodeJS application that lives at /var/www/my-site/ .第一个应用程序(客户端)位于/var/www/html ,第二个是位于/var/www/my-site/的 NodeJS 应用程序。 The Node application inside the container is managed by pm2 and everything seems to be working fine thus far because when I type in curl http://localhost:3000 at the container terminal, I get back the desired output.容器内的 Node 应用程序由 pm2 管理,到目前为止一切似乎都运行良好,因为当我在容器终端输入curl http://localhost:3000时,我得到了所需的输出。
Inside the main droplet (not the container) under /etc/nginx/sites-available , I have the following two server blocks - default and my-site .在/etc/nginx/sites-available下的主液滴(不是容器)中,我有以下两个服务器块 - default和my-site 。
The first app works fine when I try to access it through the browser via my domain but the NodeJS application returns a 502 Bad Gateway when I try to access it through sub.mydomain.com .当我尝试通过我的域通过浏览器访问它时,第一个应用程序工作正常,但是当我尝试通过sub.mydomain.com访问它时, sub.mydomain.com应用程序返回一个502 Bad Gateway 。 pm2 start inside the container tells me that the node application status is online .容器内的pm2 start告诉我节点应用程序状态为online 。
Here is my default server block file.这是我的default服务器块文件。 This works.这有效。 When I visit mydomain.com, my site shows up fine.当我访问 mydomain.com 时,我的网站显示正常。
# HTTP — redirect all traffic to HTTPS
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
return 301 https://$host$request_uri;
}
server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.com;
# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://container_ip_address /;
}
}
Now here is the other server block - my-site .现在这里是另一个服务器块 - my-site 。
# Upstream config
upstream site_upstream {
server 127.0.0.1:3000;
keepalive 64;
}
server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name sub.mydomain.com www.sub.mydomain.com;
root /var/www/my-site;
# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://site_upstream;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
I have set the A Record for my subdomain on my domain's DNS settings, to my droplet's IP address and I have also created a symbolic link to /etc/nginx/sites-enabled for the my-site server block.我已经在我的域的 DNS 设置中将我的子域的 A 记录设置为我的 droplet 的 IP 地址,并且我还为my-site服务器块创建了一个指向/etc/nginx/sites-enabled的符号链接。
I have scoured the internet for a solution to this problem but nothing seems to be working.我已经在互联网上搜索了解决此问题的方法,但似乎没有任何效果。 What am I missing?我错过了什么?
Your help would be greatly appreciated.您的帮助将不胜感激。 Thanks.谢谢。
1 个解决方案
解决方案1
0 已采纳 2020-02-08 06:08:50
The problem here was that requests to the sub domain were not being directed to the lxc container.这里的问题是对子域的请求没有被定向到 lxc 容器。 I solved this by adding the following inside the my-site server block.我通过在my-site server 块中添加以下内容解决了这个问题。
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://container_ip/;
}
After that I added an asterisk to the next location block.之后,我在下一个位置块中添加了一个星号。
location /* {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://site_upstream;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
Another way of getting around this issue was by including the sub-domain in the server_name directive for the default server block.解决此问题的另一种方法是在默认服务器块的server_name指令中包含子域。 This worked but the only problem was that nginx would complain that it had to ignore the server I had set up in the my-site server block when you ran nginx -t , otherwise, it worked just fine.这行得通,但唯一的问题是 nginx 会抱怨说,当您运行nginx -t时,它必须忽略我在my-site服务器块中设置的服务器,否则,它工作得很好。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.