[英]Nginx returns 502 to browsers but works fine with curl
I have a MediaWiki running in a kubernetes cluster.我有一个在 kubernetes 集群中运行的 MediaWiki。 The kubernetes cluster is behind an nginx proxy with the following config:
kubernetes 集群位于 nginx 代理后面,配置如下:
worker_processes 4;
worker_rlimit_nofile 40000;
events {
worker_connections 1024;
}
http {
upstream rancher {
server 192.168.122.90:80;
}
map $http_upgrade $connection_upgrade {
default Upgrade;
'' close;
}
server {
listen 443 ssl http2;
server_name .domain;
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://rancher;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
proxy_read_timeout 900s;
proxy_connect_timeout 75s;
}
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
}
I can get to the main page of the wiki, but have to log in before using it.我可以进入 wiki 的主页,但必须先登录才能使用它。 When I click to login using OAuth2 I get a 502 status from the nginx proxy server (nginx reports that the upstream ended the connection prematurely).
当我单击使用 OAuth2 登录时,我从 nginx 代理服务器获得了 502 状态(nginx 报告上游过早地结束了连接)。 If I do the same request with curl I get a 302 with the location of the authorization endpoint as expected.
如果我对 curl 执行相同的请求,我会得到一个 302,其中包含预期的授权端点的位置。 I really don't understand why it is like that.
我真的不明白为什么会这样。 Not using the proxy and directly accessing the cluster (from the vm host) works just as normally but that isn't what I want.
不使用代理并直接访问集群(从 vm 主机)可以正常工作,但这不是我想要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.