堆棧內存溢出
  簡體   English   中英

Kubernetes Nginx 容器無法訪問 php-fpm 容器

[英]Kubernetes Nginx container unable to access php-fpm container

 原文  2022-07-19 06:03:47       php/ docker/ nginx/ kubernetes/ docker-compose

問題描述

我為 nginx 和一個 php-fpm laravel 容器創建了 2 個 Kubernetes 部署。 但由於某種原因,來自 nginx 的流量似乎無法成功到達 php-fpm 容器,從而產生以下錯誤

172.18.0.1 - - [18/Jul/2022:16:51:10 +0000] "GET / HTTP/1.1" 404 555 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36"

這是我的部署文件

apiVersion: v1
kind: ConfigMap
metadata:
  name: web-server-config
  namespace: dev-api
data:
  nginx.conf: |
    server {
        listen 80;
        index index.php index.html;
        error_log  /var/log/nginx/error.log;
        access_log /var/log/nginx/access.log;
        root /var/www/html/public;

        location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;

            fastcgi_pass api-web-svc:9000;
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
        }

        location / {
            try_files $uri $uri/ /index.php?$query_string;
                gzip_static on;
        }
    }
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: php-config
  namespace: dev-api
data:
  laravel.ini: |
    upload_max_filesize: 80M
    post_max_size: 80M
---
apiVersion: v1
kind: Secret
metadata:
  name: api-web-secret
  namespace: dev-api
type: Opaque
data:
 ...
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api-web
  namespace: dev-api
spec:
  selector:
    matchLabels:
      app: api-web
  replicas: 1
  template:
    metadata:
      labels:
        app: api-web
    spec:
      containers:
      - name: api-web
        image: XXX.dkr.ecr.us-east-1.amazonaws.com/api-web:0.9.4-alpha
        volumeMounts:
         - name: php-config
           mountPath: /usr/local/etc/php/conf.d/laravel.ini
         - name: env-config
           mountPath: /var/www/html/.env
        ports:
        - containerPort: 9000
      volumes:
        - name: php-config
          configMap:
            name: php-config
        - name: env-config
          secret:
            secretName: api-web-secret
      imagePullSecrets:
      - name: regcred  
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: dev-api
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:alpine
        volumeMounts:
         - name: web-server-config
           mountPath: /etc/nginx/conf.d/
        ports:
        - containerPort: 80
      volumes:
        - name: web-server-config
          configMap:
            name: web-server-config 
---
apiVersion: v1
kind: Service
metadata:
  name:  web-server-svc
  namespace: dev-api
spec:
  type: NodePort
  selector:
    app:  nginx
  ports:
  - protocol: TCP
    port:  80
    targetPort:  80
    nodePort: 32420
---
apiVersion: v1
kind: Service
metadata:
  name:  api-web-svc
  namespace: dev-api
  labels:
    app: api-web
spec:
  type: ClusterIP
  selector:
    app:  api-web
  ports:
  - protocol: TCP
    port:  9000

namespace是單獨聲明的。 每個部署中的兩個容器都成功運行。

k logs deployment/nginx-deployment  -n dev-api
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/07/18 16:18:50 [notice] 1#1: using the "epoll" event method
2022/07/18 16:18:50 [notice] 1#1: nginx/1.21.6
2022/07/18 16:18:50 [notice] 1#1: built by gcc 10.3.1 20211027 (Alpine 10.3.1_git20211027) 
2022/07/18 16:18:50 [notice] 1#1: OS: Linux 5.4.0-109-generic
2022/07/18 16:18:50 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/07/18 16:18:50 [notice] 1#1: start worker processes
2022/07/18 16:18:50 [notice] 1#1: start worker process 21
2022/07/18 16:18:50 [notice] 1#1: start worker process 22
2022/07/18 16:18:50 [notice] 1#1: start worker process 23
2022/07/18 16:18:50 [notice] 1#1: start worker process 24
2022/07/18 16:18:50 [notice] 1#1: start worker process 25
2022/07/18 16:18:50 [notice] 1#1: start worker process 26
2022/07/18 16:18:50 [notice] 1#1: start worker process 27
2022/07/18 16:18:50 [notice] 1#1: start worker process 28

 k logs deployment/api-web -n dev-api
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: fpm is running, pid 1
[18-Jul-2022 16:18:51] NOTICE: ready to handle connections

而在api-web部署中用來生成鏡像api-web:0.9.4-alpha的Dockerfile如下圖

FROM php:7.2-fpm

# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/html/

# Set working directory
WORKDIR /var/www/html

# Install dependencies
RUN apt-get update && apt-get install -y \
    build-essential \
    libpng-dev \
    libjpeg62-turbo-dev \
    libfreetype6-dev \
    locales \
    zip \
    jpegoptim optipng pngquant gifsicle \
    vim \
    unzip \
    git \
    curl \
    nodejs \
    npm

# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*

# Install extensions
RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl
RUN docker-php-ext-configure gd --with-gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/
RUN docker-php-ext-install gd

# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer

# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www

# Copy existing application directory contents
COPY . /var/www/html/

# Copy existing application directory permissions
COPY --chown=www:www . /var/www/html/

# Change current user to www
USER www

## Run composer dependencies
RUN composer update
RUN composer install

# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]

這個 Dockerfile 也運行良好,沒有問題。 使用此圖像的docker-compose文件也可以正常工作。

為什么來自nginx-deployment容器的流量無法到達api-web php-fpm 容器並出現錯誤的任何想法

172.18.0.1 - - [18/Jul/2022:16:51:10 +0000] "GET / HTTP/1.1" 404 555 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36"

2 個解決方案

解決方案1
 0  2022-07-19 09:02:48

據我所知,兩個 pod 或至少容器需要相同的源文件。 如果 nginx 不知道這個 php 文件存在,它就無法將請求轉發到 php-fpm 容器。

我說的是容器,雖然我不建議將 nginx 和 php-fpm 拆分為單獨的 pod。 我更有可能將這些容器作為一個單元啟動,在一個 pod 中具有相同的源。 除非您有某種 Cron 作業或批處理作業。

解決方案2
 -1  2022-07-19 10:03:42

如果使用php-fpm ,我建議在一個POD中維護兩個容器

apiVersion: extensions/v1
kind: Deployment
metadata:
  labels:
    app: wordpress-site
  name: wordpress-site
  namespace: development
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: wordpress-site
      tier: frontend
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: wordpress-site
        tier: frontend
    spec:
      volumes:
      - configMap:
          defaultMode: 256
          name: nginxthroughpass
          optional: false
        name: nginxconf
      - name: shared-files
        emptyDir: {}
      containers:
        - name: app
          image: <REPLACE WITH DOCKER PHP-FPM IMAGE URL>
          imagePullPolicy : IfNotPresent
          volumeMounts:
            - name: shared-files
              mountPath: /var/www/html
          envFrom:
            - configMapRef:
                name: wordpress-configmap
        - name: nginx
          image: nginx
          imagePullPolicy : IfNotPresent
          volumeMounts:
          - name: shared-files
            mountPath: /var/www/html
          - mountPath: /etc/nginx/conf.d
            name: nginxconf
            readOnly: true

參考回購:https ://github.com/harsh4870/Kubernetes-wordpress-php-fpm-nginx

如果您不想運行 nginx 控制器,您也可以使用 Nginx 入口將流量轉發到 php-fpm 容器

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: "FCGI"
    nginx.ingress.kubernetes.io/fastcgi-index: "index.php"
    nginx.ingress.kubernetes.io/fastcgi-params-configmap: "configmap"
  name: example-app
spec:
  ingressClassName: nginx
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              name: fastcgi

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 Docker - NGINX 容器轉發到 PHP-FPM 容器 Kubernetes 上的 PHP-FPM + Nginx 如何使用 PHP-FPM 和 Nginx Docker 容器解析未知的 PHP-FPM 主腳本? Nginx + PHP-FPM:PHP-FPM 容器的 5000 端口連接被拒絕,而 9000 端口沒有問題 phpMyAdmin 作為 PHP-FPM 容器 在多容器設置中提供 php-fpm 和 nginx 圖像和 css 如何在 docker 容器中啟用 php-fpm 的訪問日志? 無法從apache訪問php-fpm容器 使用本地Apache訪問docker容器上的php-fpm Nginx Docker容器-將php文件請求轉發到php-fpm容器
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM