[英]502 Bad Gateway for NodeJS server managed by PM2 inside a lxc container
I have a digital ocean droplet running Ubuntu 18.04 and inside is is an lxc container.我有一个运行 Ubuntu 18.04 的数字海洋水滴,里面是一个 lxc 容器。 I have two applications in that container.
我在那个容器中有两个应用程序。
The first application (a client) lives at /var/www/html
and the second one is the NodeJS application that lives at /var/www/my-site/
.第一个应用程序(客户端)位于
/var/www/html
,第二个是位于/var/www/my-site/
的 NodeJS 应用程序。 The Node application inside the container is managed by pm2 and everything seems to be working fine thus far because when I type in curl http://localhost:3000
at the container terminal, I get back the desired output.容器内的 Node 应用程序由 pm2 管理,到目前为止一切似乎都运行良好,因为当我在容器终端输入
curl http://localhost:3000
时,我得到了所需的输出。
Inside the main droplet (not the container) under /etc/nginx/sites-available
, I have the following two server blocks - default
and my-site
.在
/etc/nginx/sites-available
下的主液滴(不是容器)中,我有以下两个服务器块 - default
和my-site
。
The first app works fine when I try to access it through the browser via my domain but the NodeJS application returns a 502 Bad Gateway
when I try to access it through sub.mydomain.com
.当我尝试通过我的域通过浏览器访问它时,第一个应用程序工作正常,但是当我尝试通过
sub.mydomain.com
访问它时, sub.mydomain.com
应用程序返回一个502 Bad Gateway
。 pm2 start
inside the container tells me that the node application status is online
.容器内的
pm2 start
告诉我节点应用程序状态为online
。
Here is my default
server block file.这是我的
default
服务器块文件。 This works.这有效。 When I visit mydomain.com, my site shows up fine.
当我访问 mydomain.com 时,我的网站显示正常。
# HTTP — redirect all traffic to HTTPS
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
return 301 https://$host$request_uri;
}
server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.com;
# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://container_ip_address /;
}
}
Now here is the other server block - my-site
.现在这里是另一个服务器块 -
my-site
。
# Upstream config
upstream site_upstream {
server 127.0.0.1:3000;
keepalive 64;
}
server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name sub.mydomain.com www.sub.mydomain.com;
root /var/www/my-site;
# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://site_upstream;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
I have set the A Record for my subdomain on my domain's DNS settings, to my droplet's IP address and I have also created a symbolic link to /etc/nginx/sites-enabled
for the my-site
server block.我已经在我的域的 DNS 设置中将我的子域的 A 记录设置为我的 droplet 的 IP 地址,并且我还为
my-site
服务器块创建了一个指向/etc/nginx/sites-enabled
的符号链接。
I have scoured the internet for a solution to this problem but nothing seems to be working.我已经在互联网上搜索了解决此问题的方法,但似乎没有任何效果。 What am I missing?
我错过了什么?
Your help would be greatly appreciated.您的帮助将不胜感激。 Thanks.
谢谢。
The problem here was that requests to the sub domain were not being directed to the lxc container.这里的问题是对子域的请求没有被定向到 lxc 容器。 I solved this by adding the following inside the
my-site
server block.我通过在
my-site
server 块中添加以下内容解决了这个问题。
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://container_ip/;
}
After that I added an asterisk to the next location block.之后,我在下一个位置块中添加了一个星号。
location /* {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://site_upstream;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
Another way of getting around this issue was by including the sub-domain in the server_name
directive for the default server block.解决此问题的另一种方法是在默认服务器块的
server_name
指令中包含子域。 This worked but the only problem was that nginx would complain that it had to ignore the server I had set up in the my-site
server block when you ran nginx -t
, otherwise, it worked just fine.这行得通,但唯一的问题是 nginx 会抱怨说,当您运行
nginx -t
时,它必须忽略我在my-site
服务器块中设置的服务器,否则,它工作得很好。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.