Nginx 代理不断获取错误网关

tag-icon tag-icon nginx
Nginx 代理不断获取错误网关

我正在运行 CentOS 版本 7 虚拟机并尝试将其代理到在 Windows Server 2012 上运行的亚音速服务器。

当我使用 Apache 时,它​​运行正常,但我目前正尝试使用 Nginx 做同样的事情,但我一直收到 502 错误网关。

我似乎无法弄清楚是什么导致了这个问题。

我的nginx.conf:

server {
    listen       80;
    server_name  *.example.com;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

server {
    listen  80;
    server_name music.exmaple.com;

    location / {
        proxy_pass http://192.168.1.67:6060/;
        proxy_redirect / http://192.168.1.67:6060/;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        client_max_body_size    10m;
        client_body_buffer_size 128k;
        proxy_connect_timeout   90;
        proxy_send_timeout      90;
        proxy_read_timeout      90;
        proxy_buffers           32 4k;
    }
}

在 Apache 上:

<VirtualHost *:80>
    ServerName music.example.com
    ServerAlias www.music.example.com
    RewriteEngine on
    RewriteRule ^music/(.*)$ http://192.168.1.67:6060/ [P]
    ProxyPass / http://192.168.1.67:6060/
    ProxyPassReverse / http://192.168.1.67:6060/
</VirtualHost>

Telnet 到 192.168.1.67:6060

Trying 192.168.1.67...
Connected to 192.168.1.67.
Escape character is '^]'.
dir
HTTP/1.1 400 Bad Request
Connection: close
Server: Jetty(8.y.z-SNAPSHOT)

Error: 400Connection closed by foreign host.

错误日志:

2014/10/23 16:51:21 [crit] 11191#0: *1 connect() 至 192.168.1.67:6060 失败(13:权限被拒绝)连接到上游,客户端:192.168.1.1,服务器:music.example.com,请求:“GET /favicon.ico HTTP/1.1”,上游:"http://192.168.1.67:6060/favicon.ico",主机:“music.example.com”

我做错了什么?我该如何解决?

答案1

默认情况下,SELinux 会阻止 Web 服务器与外部主机建立出站连接。

您可以通过设置httpd_can_network_connect布尔值来更改此设置并允许传出连接。

setsebool -P httpd_can_network_connect 1

相关内容