堆棧內存溢出
  簡體   English   中英

Nginx反向代理不適用於動態proxy_pass

[英]Nginx reverse proxy not working with dynamic proxy_pass

 原文  2017-09-26 17:21:47       amazon-web-services/ nginx/ proxy/ reverse-proxy

問題描述

我正在嘗試使用nginx反向代理來代理AWS API,並遇到一個問題,即如果我靜態定義上游服務器,它會完美運行,但是如果我嘗試動態生成它,則會引發502 Bad Gateway錯誤。 我不確定如何解決此問題。

/etc/nginx/nginx.conf 

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        ##
        # Logging
        ##

        log_format upstreamlog '[$time_local] $host $remote_addr - $remote_user - $server_name to: $upstream_addr ($upstream_http_name): $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

/ etc / nginx / sites-enabled / default 

server {
        listen 80;

        server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com (.*)\.colinaws\.com;

        access_log /var/log/nginx/proxy.log upstreamlog;

        location / {
                if ($host ~* (.*)\.colinaws\.com) {
                        proxy_pass http://$1.amazonaws.com;
                }
                if ($host ~* (.*)\.(.*)\.colinaws\.com) {
                        proxy_pass http://$1.$2.amazonaws.com;
                }
                if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
                        proxy_pass http://$1.$2.amazonaws.com;
                }
                proxy_set_header Host $host;
                proxy_pass_header Authorization;
                proxy_pass_header X-Amz-Target;
                proxy_pass_header X-Amz-Date;
                proxy_pass_header User-Agent;
                proxy_pass_header Content-Type;
                proxy_pass_header Content-Length;
                proxy_pass_header Accept-Encoding;
        }
}

在上述配置中,它不起作用,但是如果我繼續將proxy_pass靜態定義為AWS終端節點(例如, http://dynamodb.us-west-2.amazonaws.com ),則它可以正常工作。

2 個解決方案

解決方案1
 2 已采納  2017-09-27 23:31:40

這里的問題是沒有將proxy_pass設置為獨立變量,也沒有設置resolver標志。 這兩項的共同作用迫使nginx每次傳遞都要重新解析URL,而不是在開始時就緩存IP地址。 我的最終(穩定)配置如下所示: 

server {
        # Listen on port 80, this will be updated to port 443 once ssl is enabled
        listen 80;

        # Server names should map to incoming requests so we can regex process out the service and
        # region later
        server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com;

        # Log the incoming information for debug purposes. The formatter 'upstreamlog' can be found in
        # the config root at /etc/nginx/nginx.conf
        #access_log /var/log/nginx/proxy.log upstreamlog;

        # Need to have a DNS server to resolve the FQDNs provided to proxy_pass
        resolver 8.8.8.8;

        # Parse the incoming FQDN and determine the upstream server
        if ($host ~* (.*)\.(.*)\.colinaws\.com) {
                set $upstream http://$1.amazonaws.com;
        }
        if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
                set $upstream http://$1.$2.amazonaws.com;
        }

        # Proxy the request upstream
        location / {
                proxy_pass $upstream;
                proxy_set_header Host $host;
                proxy_pass_header Authorization;
                proxy_pass_header X-Amz-Target;
                proxy_pass_header X-Amz-Date;
                proxy_pass_header User-Agent;
                proxy_pass_header Content-Type;
                proxy_pass_header Content-Length;
                proxy_pass_header Accept-Encoding;
        }
}

解決方案2
 0  2017-09-26 19:21:06

您需要使用 

server {
        listen 80;

        server_name (.*)\.(.*)\.(.*)\.colinaws\.com (.*)\.(.*)\.colinaws\.com (.*)\.colinaws\.com;

        access_log /var/log/nginx/proxy.log upstreamlog;

        location / {
                if ($host ~* (.*)\.colinaws\.com) {
                        proxy_pass http://$1.amazonaws.com$request_uri$is_args$args;
                }
                if ($host ~* (.*)\.(.*)\.colinaws\.com) {
                        proxy_pass http://$1.$2.amazonaws.com$request_uri$is_args$args;
                }
                if ($host ~* (.*)\.(.*)\.(.*)\.colinaws\.com) {
                        proxy_pass http://$1.$2.amazonaws.com$request_uri$is_args$args;
                }
                proxy_set_header Host $host;
                proxy_pass_header Authorization;
                proxy_pass_header X-Amz-Target;
                proxy_pass_header X-Amz-Date;
                proxy_pass_header User-Agent;
                proxy_pass_header Content-Type;
                proxy_pass_header Content-Length;
                proxy_pass_header Accept-Encoding;
        }
}

proxy_pass使用變量時,您還需要提供完整的uri和args

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 Nginx proxy_pass到aws Api網關 NGINX 可以修改proxy_pass 后的響應碼嗎? Nginx proxy_pass 到帶有尾部斜杠的變量失敗 nginx、flower、Django、proxy_pass 和拒絕無效主機 多個位置的 NGINX 反向代理不起作用 nginx反向代理到本地主機 NGINX proxy_pass 5xx錯誤顯示S3 + CloudFront上托管的html文件 Nginx proxy pass failed to proxy pass to Zipkin 為什么會通過 proxy_pass 請求重定向到奇怪的頁面 使用Nginx作為指向AWS ALB的反向代理
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM