Ich muss einen NGINX-Server konfigurieren, um die Last von zwei oder mehr https-Websites auszugleichen.
Ich habe diesen Code geschrieben:
user nginx;
#worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
# sendfile on;
#tcp_nopush on;
# keepalive_timeout 65;
upstream servers_mito {
least_conn;
#server 10.200.0.43:801 max_fails=3 fail_timeout=30s;
server 10.200.0.43:443 max_fails=3 fail_timeout=30s;
#server 10.200.0.70:801 max_fails=3 fail_timeout=30s;
server 10.200.0.141:443 max_fails=3 fail_timeout=30s;
}
server {
#listen 80;
listen 443 ssl;
#ssl on;
ssl_certificate /etc/nginx/ssl/proxy1/server.crt;
ssl_certificate_key /etc/nginx/ssl/proxy1/server.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
server_name proxy1;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
# access_log logs/domain2.access.log main;
location / {
proxy_pass https://servers_mito;
proxy_max_temp_file_size 0;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_server_name on;
}
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
# allow 10.200.0.111;
allow 10.5.1.101;
deny all;
}
}
#location / {
# root /usr/share/nginx/html;
# index index.html index.htm;
# }
}
Die 2 Server, die ich in diesem Beispiel verwende, sind: 10.200.0.43 --> Spacewalk 10.200.0.141 --> Ansible
Wenn ich diese Seiten direkt durchsuche, gibt es keine Probleme, die Seiten sind in Ordnung und durchsuchbar. Wenn ich über NGINX gehe, sind die Seiten unvollständig und funktionieren nicht: nutzlos, unbrauchbar, wie Sie in den Bildern sehen können:
Weltraumspaziergang ansible1 ansible2
Dies ist das access.log:
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET / HTTP/1.1" 302 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /rhn/Login.do HTTP/1.1" 404 3360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 5086 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/api/api.css?v=3.0.2 HTTP/1.1" 200 7442 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 200 1132 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/csrf.js HTTP/1.1" 200 1832 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/prettify.css HTTP/1.1" 404 5086 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/bootstrap.min.js HTTP/1.1" 200 36816 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/prettify-min.js HTTP/1.1" 200 13632 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/default.js HTTP/1.1" 200 1760 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/api/api.js?v=3.0.2 HTTP/1.1" 200 3145 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/assets/main_menu_logo.png HTTP/1.1" 200 6359 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 404 5092 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/jquery-1.11.3.min.js HTTP/1.1" 200 95957 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 404 5092 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/assets/favicon.ico?v=3.0.2 HTTP/1.1" 200 15086 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
Während das error.log:
2018/09/04 17:38:36 [warn] 17259#17259: *243 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/2/00/0000000002 while reading upstream, client: 10.5.1.101, server: proxy1, request: "GET /static/rest_framework/js/jquery-1.11.3.min.js HTTP/1.1", upstream: "https://10.200.0.141:443/static/rest_framework/js/jquery-1.11.3.min.js", host: "10.200.0.69", referrer: "https://10.200.0.69/rhn/Login.do"`
Können Sie mir bitte sagen, was ich falsch mache?
ps: Wenn ich auf http umleite, funktioniert es einwandfrei
Ich habe diese Zeilen im http-Block hinzugefügt, aber leider hat sich nichts geändert:
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /rhn/Login.do HTTP/1.1" 400 3374 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/js/prettify-min.js HTTP/1.1" 200 13632 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 404 8394 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET / HTTP/1.1" 400 3350 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 200 1132 "https://10.200.0.69/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET / HTTP/1.1" 302 217 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET /rhn/Login.do HTTP/1.1" 400 3374 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
Ist es Ihrer Meinung nach richtig, die Portnummer in den Serverparameter einzugeben:
upstream servers_mito {
least_conn;
#server 10.200.0.43:801 max_fails=3 fail_timeout=30s;
server 10.200.0.43**:443** max_fails=3 fail_timeout=30s;
#server 10.200.0.70:801 max_fails=3 fail_timeout=30s;
server 10.200.0.141**:443** max_fails=3 fail_timeout=30s;
}
Und dann schreiben Sie httpSim Standortblock?
location / {
proxy_pass https://servers_mito;
proxy_max_temp_file_size 0;
Antwort1
Sie sollten den client_max_body_size
Parameter explizit auf 0
(unbegrenzt) statt auf den impliziten Wert setzen 1M
:
http {
. . . . .
client_max_body_size 0;
client_body_timeout 180;
send_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 180;
. . . . .