配置

配置

我已经成功设置了一个以 nginx 为前端的 PHP 快速 CGI 应用程序。如果我直接访问 nginx,一切都会按预期运行。然而,在生产中,流量是通过 HAProxy 实例路由的,我无法使该配置正常工作。

当通过 HAProxy 时,我收到502 Bad Gateway来自 nginx 的以下错误:

[info] 7#7: *1 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too (104: Connection reset by peer) while reading upstream, client: 172.18.0.6, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.3:9000", host: "localhost:8888"

配置

这是我的 docker-compose.yml 描述堆栈:

version: '2'
services:
    logger:
        image: colstrom/syslog
    proxy:
        build:
            context: .
            dockerfile: Dockerfile-haproxy
        ports:
            - "8888:12000"
    web:
        build:
            context: .
            dockerfile: Dockerfile-web
        ports:
            - "9999:80"
    php:
        build:
            context: .
            dockerfile: Dockerfile-app

Dockerfile-haproxy:

FROM haproxy:1.7
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
EXPOSE 12000

haproxy配置文件

global
    maxconn 4096
    maxpipes 1024
    log logger:514 local2

defaults
    timeout client 50000
    timeout connect 5000
    timeout server 50000

frontend bak
 bind *:12000
 mode http
 option httplog
 log global
 default_backend bak

backend bak
 mode http
 server web web:80

Dockerfile-web:

FROM nginx
COPY site.conf /etc/nginx/conf.d/default.conf
COPY src /var/www/html

site.conf(nginx 配置):

server {
    index index.php index.html;
    error_log  /var/log/nginx/error.log info;
    access_log /var/log/nginx/access.log;
    root /var/www/html;

    location / {
        fastcgi_pass php:9000;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME index.php;
    }
}

docker-compose的完整日志输出如下:

php_1      | 172.18.0.2 -  11/Feb/2017:11:09:19 +0000 "GET /" 200
web_1      | 2017/02/11 11:09:19 [info] 7#7: *1 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too (104: Connection reset by peer) while reading upstream, client: 172.18.0.6, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.3:9000", host: "localhost:8888"
web_1      | 172.18.0.6 - - [11/Feb/2017:11:09:19 +0000] "GET / HTTP/1.1" 200 8005 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
logger_1   | Feb 11 11:09:19 a94d638768c9 user.notice root: <150>Feb 11 11:09:19 haproxy[9]: 172.18.0.1:54508 [11/Feb/2017:11:09:19.285] bak bak/web 0/0/1/-1/37 502 8524 - - PH-- 0/0/0/0/0 0/0 "GET / HTTP/1.1"

似乎需要在 HAProxy 或 nginx 中进行一些额外的配置,但我不知道该做什么。

更新/我尝试过的事情

我遇到过一个建议的修复方法是设置 nginx fastcgi_ignore_client_abort on;。最终结果相同,但 nginx 错误略有不同:

2017/02/11 11:40:35 [info] 7#7: *3 writev() failed (104: Connection reset by peer) while sending to client, client: 172.18.0.5, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.2:9000", host: "localhost:8888"

设置 nginx proxy_buffering on;。这没什么区别。


设置 haproxymode tcp将正确提供页面。但是我需要这样做,mode http因为我正在进行 L7 负载平衡(此测试用例中未显示)。这让我意识到 HAProxy 日志正在报告,PH我理解这意味着上游的响应不佳。

有什么方法可以让我获得更多相关信息?如果我直接进入 nginx,据我所知,响应标头看起来不错:

HTTP/1.1 200 OK
Server: nginx/1.11.9
Date: Sat, 11 Feb 2017 12:05:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Expires: Sat, 11 Feb 2017 12:15:07GMT
Cache-Control: public,max-age=600

答案1

haproxy 日志中的PH--问题最终暴露了出来。HTTP 响应标头无效。我刚刚删除了它DateExpires现在一切都正常了。

相关内容