Nginx 로드 밸런서가 불완전한 HTTPS 페이지를 표시합니다.

Nginx 로드 밸런서가 불완전한 HTTPS 페이지를 표시합니다.

2개 이상의 https 웹사이트의 부하를 분산하려면 NGINX 서버를 구성해야 합니다.

나는 다음 코드를 작성했습니다.

user  nginx;
#worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

#    sendfile        on;
#tcp_nopush     on;

#    keepalive_timeout  65;

        upstream servers_mito {
                least_conn;
                #server 10.200.0.43:801 max_fails=3 fail_timeout=30s;
                server 10.200.0.43:443 max_fails=3 fail_timeout=30s;
                #server 10.200.0.70:801 max_fails=3 fail_timeout=30s;
                server 10.200.0.141:443 max_fails=3 fail_timeout=30s;
                              }


server {
                        #listen       80;
                        listen 443 ssl;
                        #ssl on;
                        ssl_certificate         /etc/nginx/ssl/proxy1/server.crt;
                        ssl_certificate_key     /etc/nginx/ssl/proxy1/server.key;
                        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
                        server_name  proxy1;
                        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                        ssl_prefer_server_ciphers on;
                        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
#                   access_log   logs/domain2.access.log  main;

location / {
                proxy_pass      https://servers_mito;
                proxy_max_temp_file_size 0;
                #proxy_set_header Host $host;
                #proxy_set_header X-Real-IP $remote_addr;
                #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_ssl_server_name on;
                }

location /nginx_status {
        stub_status on;
        access_log   off;
        allow 127.0.0.1;
#        allow 10.200.0.111;
        allow 10.5.1.101;
         deny all;
}
}
#location / {
#        root   /usr/share/nginx/html;
#        index  index.html index.htm;
#    }
    }

이 예에서 사용하는 서버 2개는 다음과 같습니다. 10.200.0.43 --> Spacewalk 10.200.0.141 --> Ansible

해당 사이트를 직접 탐색하면 문제가 없으며 사이트는 문제 없이 탐색 가능합니다. NGINX를 통과하면 사이트가 불완전하고 작동하지 않습니다. 이미지에서 볼 수 있듯이 쓸모없고 사용할 수 없습니다.

우주 유영 앤서블1 앤서블2

이것은 access.log입니다:

10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET / HTTP/1.1" 302 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /rhn/Login.do HTTP/1.1" 404 3360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 5086 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/api/api.css?v=3.0.2 HTTP/1.1" 200 7442 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 200 1132 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/csrf.js HTTP/1.1" 200 1832 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/css/prettify.css HTTP/1.1" 404 5086 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/bootstrap.min.js HTTP/1.1" 200 36816 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/prettify-min.js HTTP/1.1" 200 13632 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/default.js HTTP/1.1" 200 1760 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/api/api.js?v=3.0.2 HTTP/1.1" 200 3145 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/assets/main_menu_logo.png HTTP/1.1" 200 6359 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 404 5092 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/jquery-1.11.3.min.js HTTP/1.1" 200 95957 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 404 5092 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"
10.5.1.101 - - [04/Sep/2018:17:38:36 +0200] "GET /static/assets/favicon.ico?v=3.0.2 HTTP/1.1" 200 15086 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" "-"

error.log가 있는 동안:

2018/09/04 17:38:36 [warn] 17259#17259: *243 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/2/00/0000000002 while reading upstream, client: 10.5.1.101, server: proxy1, request: "GET /static/rest_framework/js/jquery-1.11.3.min.js HTTP/1.1", upstream: "https://10.200.0.141:443/static/rest_framework/js/jquery-1.11.3.min.js", host: "10.200.0.69", referrer: "https://10.200.0.69/rhn/Login.do"`

내가 뭘 잘못하고 있는지 말해줄 수 있나요?

ps: http로 리디렉션하면 제대로 작동합니다.


http 블록에 해당 줄을 추가했지만 불행히도 아무것도 변경되지 않았습니다.

10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /rhn/Login.do HTTP/1.1" 400 3374 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/js/prettify-min.js HTTP/1.1" 200 13632 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:01 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 404 8394 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET / HTTP/1.1" 400 3350 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET /static/rest_framework/css/default.css HTTP/1.1" 200 1132 "https://10.200.0.69/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:27:05 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET / HTTP/1.1" 302 217 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET /rhn/Login.do HTTP/1.1" 400 3374 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.5.1.101 - - [05/Sep/2018:12:28:23 +0200] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 404 8402 "https://10.200.0.69/rhn/Login.do" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"

페이지가 불완전하다

서버 매개변수에 포트 번호를 입력하는 것이 맞다고 생각하시나요?

upstream servers_mito {
least_conn;
#server 10.200.0.43:801 max_fails=3 fail_timeout=30s;
server 10.200.0.43**:443** max_fails=3 fail_timeout=30s;
#server 10.200.0.70:801 max_fails=3 fail_timeout=30s;
server 10.200.0.141**:443** max_fails=3 fail_timeout=30s;
    }

그리고 http를 쓰세요에스위치 블록에 있나요?

location / {
                proxy_pass      https://servers_mito;
proxy_max_temp_file_size 0;

답변1

다음의 암시적 값 대신 명시 적 client_max_body_size으로 매개변수를 (무제한)으로 설정해야 합니다 .01M

http {
  . . . . .
  client_max_body_size            0;
  client_body_timeout             180;
  send_timeout                    180;
  proxy_send_timeout              180;
  proxy_read_timeout              180;
  . . . . .

관련 정보