我已经成功设置了一个以 nginx 为前端的 PHP 快速 CGI 应用程序。如果我直接访问 nginx,一切都会按预期运行。然而,在生产中,流量是通过 HAProxy 实例路由的,我无法使该配置正常工作。
当通过 HAProxy 时,我收到502 Bad Gateway
来自 nginx 的以下错误:
[info] 7#7: *1 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too (104: Connection reset by peer) while reading upstream, client: 172.18.0.6, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.3:9000", host: "localhost:8888"
配置
这是我的 docker-compose.yml 描述堆栈:
version: '2'
services:
logger:
image: colstrom/syslog
proxy:
build:
context: .
dockerfile: Dockerfile-haproxy
ports:
- "8888:12000"
web:
build:
context: .
dockerfile: Dockerfile-web
ports:
- "9999:80"
php:
build:
context: .
dockerfile: Dockerfile-app
Dockerfile-haproxy:
FROM haproxy:1.7
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
EXPOSE 12000
haproxy配置文件
global
maxconn 4096
maxpipes 1024
log logger:514 local2
defaults
timeout client 50000
timeout connect 5000
timeout server 50000
frontend bak
bind *:12000
mode http
option httplog
log global
default_backend bak
backend bak
mode http
server web web:80
Dockerfile-web:
FROM nginx
COPY site.conf /etc/nginx/conf.d/default.conf
COPY src /var/www/html
site.conf(nginx 配置):
server {
index index.php index.html;
error_log /var/log/nginx/error.log info;
access_log /var/log/nginx/access.log;
root /var/www/html;
location / {
fastcgi_pass php:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME index.php;
}
}
docker-compose的完整日志输出如下:
php_1 | 172.18.0.2 - 11/Feb/2017:11:09:19 +0000 "GET /" 200
web_1 | 2017/02/11 11:09:19 [info] 7#7: *1 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too (104: Connection reset by peer) while reading upstream, client: 172.18.0.6, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.3:9000", host: "localhost:8888"
web_1 | 172.18.0.6 - - [11/Feb/2017:11:09:19 +0000] "GET / HTTP/1.1" 200 8005 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
logger_1 | Feb 11 11:09:19 a94d638768c9 user.notice root: <150>Feb 11 11:09:19 haproxy[9]: 172.18.0.1:54508 [11/Feb/2017:11:09:19.285] bak bak/web 0/0/1/-1/37 502 8524 - - PH-- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
似乎需要在 HAProxy 或 nginx 中进行一些额外的配置,但我不知道该做什么。
更新/我尝试过的事情
我遇到过一个建议的修复方法是设置 nginx fastcgi_ignore_client_abort on;
。最终结果相同,但 nginx 错误略有不同:
2017/02/11 11:40:35 [info] 7#7: *3 writev() failed (104: Connection reset by peer) while sending to client, client: 172.18.0.5, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.18.0.2:9000", host: "localhost:8888"
设置 nginx proxy_buffering on;
。这没什么区别。
设置 haproxymode tcp
将正确提供页面。但是我需要这样做,mode http
因为我正在进行 L7 负载平衡(此测试用例中未显示)。这让我意识到 HAProxy 日志正在报告,PH
我理解这意味着上游的响应不佳。
有什么方法可以让我获得更多相关信息?如果我直接进入 nginx,据我所知,响应标头看起来不错:
HTTP/1.1 200 OK
Server: nginx/1.11.9
Date: Sat, 11 Feb 2017 12:05:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Expires: Sat, 11 Feb 2017 12:15:07GMT
Cache-Control: public,max-age=600
答案1
haproxy 日志中的PH--
问题最终暴露了出来。HTTP 响应标头无效。我刚刚删除了它Date
,Expires
现在一切都正常了。