我有一个单独的 docker 容器使用 Lesencrypt 设置(使用 nginx,nginx-gen,nginx-letsencrypt)
Nginx 和应用程序容器运行良好,但我在 Nginx 的 Docker 日志中看到错误。
我有以下 nginx docker 卷:
- /srv/www/nginx-proxy/conf.d:/etc/nginx/conf.d
- /srv/www/nginx-proxy/vhost.d:/etc/nginx/vhost.d
- /srv/www/nginx-proxy/html:/usr/share/nginx/html
- /srv/www/nginx-proxy/certs:/etc/nginx/certs:ro
我在 Nginx Docker 日志中看到很多 docker 错误,其中大多数错误是由于缺少以下文件引起的/etc/nginx/html
:
2019-03-14T16:41:41.827406845Z 2019/03/14 16:41:41 [错误] 10#10:*29 未找到“ /etc/nginx/html/index.html”(2:没有此文件或目录),客户端:162.220.108.178,服务器:,请求:“ GET / HTTP / 1.1”,主机:“ xx.187.124.124”
2019-03-14T16:41:44.058864267Z 2019/03/14 16:41:44 [错误] 10#10:*30 未找到“ /etc/nginx/html/index.html”(2:没有此文件或目录),客户端:83.224.172.148,服务器:,请求:“GET / HTTP/1.1”,主机:“xx.43.94.103:80”
2019-03-14T16:42:49.085729650Z 2019/03/14 16:42:49 [错误] 10#10:*37 未找到“ /etc/nginx/html/index.html”(2:没有此文件或目录),客户端:164.52.24.163,服务器:,请求:“ GET / HTTP / 1.1”,主机:“ xx.187.124.124”
2019-03-14T16:47:50.012585507Z 2019/03/14 16:47:50 [错误] 10#10:* 58 open()“ /etc/nginx/html/.well-known/acme-challenge/7mwlZRBfqpmjH1XKH-Qg7B6lyduFU9EPg4QSaTFyT0s”失败(2:没有此文件或目录),客户端:66.133.109.36,服务器:,请求:“GET /.well-known/acme-challenge/7mwlZRBfqpmjH1XKH-Qg7B6lyduFU9EPg4QSaTFyT0s HTTP/1.1”,主机:“foo.bar”
这些与部署的其他 Docker 应用程序相同。
假设我们有一个WordPress Docker 简介使用卷进行部署
- ./wordpress:/var/www/html
或者说我们为外部负载均衡器(例如 ALB/CloudFront/CloudFlare)设置了一个服务器块,这对于我们在服务器发生故障时缓解这些外部负载均衡器的 docker 错误并故障转移到其他服务器非常重要。
我看到如下缺少文件的错误/etc/nginx/html/
:
2019-03-14T05:38:06.284529777Z 2019/03/14 05:38:06 [错误] 11#11:* 689“ /etc/nginx/html/index.html”未找到(2:没有此文件或目录),客户端:78.162.82.29,服务器:,请求:“GET / HTTP / 1.1”,主机:“alb-aws-com” 2019-03-14T06:57:03.020160983Z 2019/03/14 06:57:03 [错误] 11#11:* 1011 open()“ /etc/nginx/html/wp-config.php”失败(2:没有此文件或目录),客户端:190.188.94.38,服务器:,请求: “GET /wp-config.php HTTP/1.1”,主机:“xxx.187.124.124” 2019-03-14T06:57:03.020160983Z 2019/03/14 06:57:03 [错误] 11#11:* 1011 open()“/etc/nginx/html/wp-config.php”失败(2:没有这样的文件或目录),客户端:190.188.94.38,服务器:,请求:“GET /wp-config.php HTTP/1.1”,主机:“xx.187.124.124” 2019-03-14T06:57:13.402392385Z 2019/03/14 06:57:13 [错误] 11#11:* 1011 open() “/etc/nginx/html/wp-admins.php”失败(2:没有此文件或目录),客户端:190.188.94.38,服务器:,请求:“POST /wp-admins.php HTTP/1.1”,主机:“xx.187.124.124” 2019-03-14T06:57:13.402392385Z 2019/03/14 06:57:13 [错误] 11#11:* 1011 open()“/etc/nginx/html/wp-admins.php”失败(2:没有此文件或目录),客户端:190.188.94.38,服务器:,请求:“POST /wp-admins.php HTTP/1.1”,主机:“xx.187.124.124” 2019-03-14T06:58:20.069384814Z 2019/03/14 06:58:20 [错误] 11#11:* 1018 open()“ /etc/nginx/html/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php”失败(2:没有此文件或目录),客户端:190.188.94.38,服务器:,请求:“GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php HTTP / 1.1”,主机:“ xx.187.124.124” 2019-03-14T06:58:20.069384814Z 2019/03/14 06:58:20 [错误] 11#11: *1018 open()“/etc/nginx/html/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php”失败(2:没有此文件或目录),客户端:190.188.94.38,服务器:,请求:“GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php HTTP/1.1”,主机:“xx.187.124.124” 2019-03-14T06:58:20.069384814Z 2019/03/14 06:58:20 [错误] 11#11:*1018 open()“/etc/nginx/html/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php”失败(2:没有此文件或目录),客户端: 190.188.94.38,服务器:,请求:“GET /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php HTTP/1.1”,主机:“xx.187.124.124”
以下是 Dockers 自动创建的 Nginx 和示例 webapp(foo.bar)服务器块:
server {
server_name _; # This is just an invalid value which will never trigger on a real hostname.
listen 80;
access_log /var/log/nginx/access.log vhost;
return 503;
}
server {
server_name _; # This is just an invalid value which will never trigger on a real hostname.
listen 443 ssl http2;
access_log /var/log/nginx/access.log vhost;
return 503;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
}
server {
server_name foo.bar;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
include /etc/nginx/vhost.d/default;
location / {
proxy_pass http://foo.bar;
}
}
server {
server_name foo.bar;
listen 443 ssl http2 ;
access_log /var/log/nginx/access.log vhost;
return 500;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
}
我是否遗漏了什么或者我们应该将这些错误视为正常错误?
有没有办法可以消除这些错误?