堆棧內存溢出
  簡體   English   中英

nginx-php-fpm如果nginx文件夾中沒有index.php,則禁止

[英]nginx - php-fpm Forbidden if the index.php is not present in nginx folder

 原文  2018-08-22 13:43:42       php/ nginx/ kubernetes/ google-cloud-platform/ fpm

問題描述

我們正在嘗試使用kubernetes在GCP上部署應用程序。 我們僅使用PHP-FPM和NGINX創建一個容器/容器。

我們進行了部署並一切正常,但是當我們嘗試獲取名為index.php的“ helloword” php文件時,NGINX服務會收到錯誤403 Forbidden。

因此,我嘗試進入NGINX容器並在php項目(/ var / www / html / symfony / public)的根目錄下手動添加index.php。 當我這樣做時,NGINX神奇地返回了PHP-FPM腳本,而不是Pod內部創建的文件。 為了讓您理解,我附加了NGINX配置 

      server {
      index index.php index.html;
      server_name php-docker.local;
      error_log  /var/log/nginx/error.log;
      access_log /var/log/nginx/access.log;
      root /var/www/html/symfony/public;

      location ~ \.php$ {
          fastcgi_split_path_info ^(.+\.php)(/.+)$;
          fastcgi_pass symfony:9000;
          fastcgi_index index.php;
          include fastcgi_params;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          fastcgi_param PATH_INFO $fastcgi_path_info;
      }
  }

NGINX服務器使用kubernetes DNS symfony:9000將請求重定向到PHP-FPM服務器

[編輯]

是的,我還提供一項服務,允許NGINX與PHP-FPM通信: 

apiVersion: apps/v1
kind: Deployment
metadata:
  name: symfony
  namespace: default
  labels:
    app: symfony
spec:
  selector:
    matchLabels:
      app: symfony
  replicas: 1
  template:
    metadata:
      labels:
        app: symfony
        tier: back
    spec:
      containers:
      - name: symfony
        image: gcr.io/myphone-mmpk/symfony:v.80
        #TODO: REMOVE THIS
        imagePullPolicy: Always
        ports:
          - containerPort: 9000
        resources:
          requests:
            memory: 16Mi
            cpu: 1m
          limits:
            memory: 128Mi
            cpu: 20m
---
kind: Service
apiVersion: v1
metadata:
  name: symfony
  namespace: default
spec:
  selector:
    app: symfony
  type: NodePort
  ports:
  - protocol: TCP
    port: 9000
    targetPort: 9000

這是ku8的nginx的清單: 

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  namespace: default
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      volumes:
        - name: html
          emptyDir: {}
        - name: nginx
          configMap:
            name: nginx-configmap
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80
        volumeMounts:
        - mountPath: /etc/nginx/conf.d
          name: nginx
        - mountPath: /var/www/html/symfony/public
          name: html
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-configmap
  namespace: default
data:
  default.conf: |
      server {
          index index.php index.html;
          server_name php-docker.local;
          error_log  /var/log/nginx/error.log;
          access_log /var/log/nginx/access.log;
          root /var/www/html/symfony/public;

          location ~ \.php$ {
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_pass symfony:9000;
              fastcgi_index index.php;
              include fastcgi_params;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              fastcgi_param PATH_INFO $fastcgi_path_info;
          }
      }
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: nginx-hpa
  namespace: default
  labels:
    app: nginx
spec:
  scaleTargetRef:
    kind: Deployment
    name: nginx
    apiVersion: apps/v1
  minReplicas: 1
  maxReplicas: 5
  targetCPUUtilizationPercentage: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: default
  labels:
    app: nginx
spec:
  ports:
  - protocol: TCP
    port: 80
  selector:
    app: nginx
  type: LoadBalancer
  loadBalancerIP: ~

2 個解決方案

解決方案1
 0  2018-08-22 14:20:31

您需要為每個Kubernetes服務創建一個kubernetes服務,以描述應用程序的公開端口。 或者將容器放在同一個容器中,並使用localhost:9000

內部kube DNS看起來像my-svc.my-namespace.svc.cluster.local

您不需要服務中將描述的端口信息。

參見https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/

解決方案2
 0 已采納  2018-08-27 13:51:31

我使用此NGINX配置解決。 不是Kubernetes問題... 

      server {
      server_name php-docker.local;
      error_log  /var/log/nginx/error.log;
      access_log /var/log/nginx/access.log;
      root /var/www/html/symfony/public;

      proxy_buffering off;

      location = /nginx-health {
          access_log off;
          return 200 "healthy\n";
      }

      location / {
          try_files $uri /index.php$is_args$args;
      }

      location ~ \.php {
          fastcgi_split_path_info ^(.+\.php)(/.+)$;
          fastcgi_pass symfony:9000;
          include fastcgi_params;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          fastcgi_param DOCUMENT_ROOT $document_root;
          internal;
      }
      location ~ \.php$ {
              return 404;
      }
  }

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 nGinx和PHP-FPM下載index.php NGINX和PHP-FPM正在下載index.php而不是處理它 Nginx 403禁止使用php-fpm docker中的nginx和php-fpm:無法finx index.php 無限循環 Nginx php-fpm 重定向到另一個索引。php Nginx 正在下載 index.php 而不是執行 - Docker + symfony + php-fpm 同時文件上傳返回403禁止使用nginx和php-fpm Kubernetes 上的 PHP-FPM + Nginx nginx-php-fpm崩潰 適用於Nginx和php-fpm的Docker
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM