Nginx 역방향 프록시 구성: 잘못된 게이트웨이 문제 해결

tag-icon tag-icon nginx reverse-proxy gateway 502-error 502
Nginx 역방향 프록시 구성: 잘못된 게이트웨이 문제 해결

다른 서버에서 액세스할 수 있는 Nginx 역방향 프록시를 설정하려고 합니다. 목적은 요청을 업스트림 테스트 환경으로 리디렉션하는 것입니다. 연결하려면 인증서와 키가 필요하며 둘 다 성공적으로 검증되었습니다.

명령 실행

curl -E ./test.crt --key ./test.key https://example.com/agent_ws-SOF46 -v -L

결과적으로 연결에 성공합니다.

그런데 달리려고 하면

curl -L http://192.168.20.222/mun/s/agent_ws-SOF46/ -v

다른 내부 개발 서버에서나쁜 게이트웨이응답. IP 주소 192.168.20.220은 Nginx 서버의 내부 IP 주소에 해당합니다.

내가 사용하는 구성 파일은 다음과 같습니다.

location /mun/s{
    rewrite ^/mun/s/(.*) /$1 break;
    proxy_ssl_server_name on;
    proxy_ssl_certificate /etc/nginx/certs/test.crt;
    proxy_ssl_certificate_key /etc/nginx/certs/test.key;
    proxy_pass https://example.com/;
    error_log /var/log/nginx/mun-s.log debug;
}

error.log 파일에 대한 링크:딸깍 하는 소리

2023/08/28 09:41:33 [debug] 19161#0: *15114 http cl:-1 max:104857600
2023/08/28 09:41:33 [debug] 19161#0: *15114 rewrite phase: 3
2023/08/28 09:41:33 [debug] 19161#0: *15114 posix_memalign: 000055F446922800:4096 @16
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script regex: "^/mun/s/(.*)"
2023/08/28 09:41:33 [notice] 19161#0: *15114 "^/mun/s/(.*)" matches "/mun/s/agent_ws-SOF46", client: ::1, server: _, request: "GET /mun/s/agent_ws-SOF46 HTTP/1.1", host: "localhost"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: "/"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script capture: "agent_ws-SOF46"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script regex end
2023/08/28 09:41:33 [notice] 19161#0: *15114 rewritten data: "/agent_ws-SOF46", args: "", client: ::1, server: _, request: "GET /mun/s/agent_ws-SOF46 HTTP/1.1", host: "localhost"
2023/08/28 09:41:33 [debug] 19161#0: *15114 post rewrite phase: 4
2023/08/28 09:41:33 [debug] 19161#0: *15114 generic phase: 5
2023/08/28 09:41:33 [debug] 19161#0: *15114 generic phase: 6
2023/08/28 09:41:33 [debug] 19161#0: *15114 generic phase: 7
2023/08/28 09:41:33 [debug] 19161#0: *15114 generic phase: 8
2023/08/28 09:41:33 [debug] 19161#0: *15114 access phase: 9
2023/08/28 09:41:33 [debug] 19161#0: *15114 access phase: 10
2023/08/28 09:41:33 [debug] 19161#0: *15114 access phase: 11
2023/08/28 09:41:33 [debug] 19161#0: *15114 post access phase: 12
2023/08/28 09:41:33 [debug] 19161#0: *15114 http init upstream, client timer: 0
2023/08/28 09:41:33 [debug] 19161#0: *15114 epoll add event: fd:20 op:3 ev:80002005
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: "Host: "
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script var: "example.com"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: "
"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: "Connection: close
"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: ""
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: ""
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: ""
2023/08/28 09:41:33 [debug] 19161#0: *15114 http script copy: ""
2023/08/28 09:41:33 [debug] 19161#0: *15114 http proxy header: "User-Agent: curl/7.29.0"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http proxy header: "Accept: */*"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http proxy header:
"GET /agent_ws-SOF46 HTTP/1.0
Host: example.com
Connection: close
User-Agent: curl/7.29.0
Accept: */*
 
"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http cleanup add: 000055F446923098
2023/08/28 09:41:33 [debug] 19161#0: *15114 get rr peer, try: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 stream socket 23
2023/08/28 09:41:33 [debug] 19161#0: *15114 epoll add connection: fd:23 ev:80002005
2023/08/28 09:41:33 [debug] 19161#0: *15114 connect to 217.145.175.7:443, fd:23 #15115
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream connect: -2
2023/08/28 09:41:33 [debug] 19161#0: *15114 posix_memalign: 000055F446A570D0:128 @16
2023/08/28 09:41:33 [debug] 19161#0: *15114 event timer add: 23: 60000:1693204953436
2023/08/28 09:41:33 [debug] 19161#0: *15114 http finalize request: -4, "/agent_ws-SOF46?" a:1, c:2
2023/08/28 09:41:33 [debug] 19161#0: *15114 http request count:2 blk:0
2023/08/28 09:41:33 [debug] 19161#0: *15114 http run request: "/agent_ws-SOF46?"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream check client, write event:1, "/agent_ws-SOF46"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream request: "/agent_ws-SOF46?"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream send request handler
2023/08/28 09:41:33 [debug] 19161#0: *15114 malloc: 000055F4469DFCE0:72
2023/08/28 09:41:33 [debug] 19161#0: *15114 upstream SSL server name: "example.com"
2023/08/28 09:41:33 [debug] 19161#0: *15114 set session: 000055F446A5A4F0
2023/08/28 09:41:33 [debug] 19161#0: *15114 tcp_nodelay
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 0
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 0
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL handshake handler: 0
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_do_handshake: 1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL: TLSv1.2, cipher: "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD"
2023/08/28 09:41:33 [debug] 19161#0: *15114 save session: 000055F4469AB3D0
2023/08/28 09:41:33 [debug] 19161#0: *15114 old session: 000055F446A5A4F0
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream send request
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream send request body
2023/08/28 09:41:33 [debug] 19161#0: *15114 chain writer buf fl:1 s:110
2023/08/28 09:41:33 [debug] 19161#0: *15114 chain writer in: 000055F4469230E8
2023/08/28 09:41:33 [debug] 19161#0: *15114 malloc: 000055F4469EC560:80
2023/08/28 09:41:33 [debug] 19161#0: *15114 malloc: 000055F44692E570:16384
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL buf copy: 110
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL to write: 110
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_write: 110
2023/08/28 09:41:33 [debug] 19161#0: *15114 chain writer out: 0000000000000000
2023/08/28 09:41:33 [debug] 19161#0: *15114 event timer del: 23: 1693204953436
2023/08/28 09:41:33 [debug] 19161#0: *15114 event timer add: 23: 60000:1693204953455
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream process header
2023/08/28 09:41:33 [debug] 19161#0: *15114 malloc: 000055F4469BE300:4096
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_read: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream request: "/agent_ws-SOF46?"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream dummy handler
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream request: "/agent_ws-SOF46?"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream process header
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_read: -1
2023/08/28 09:41:33 [debug] 19161#0: *15114 SSL_get_error: 2
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream request: "/agent_ws-SOF46?"
2023/08/28 09:41:33 [debug] 19161#0: *15114 http upstream dummy handler
2023/08/28 09:41:43 [debug] 19161#0: *15114 http upstream request: "/agent_ws-SOF46?"
2023/08/28 09:41:43 [debug] 19161#0: *15114 http upstream process header
2023/08/28 09:41:43 [debug] 19161#0: *15114 SSL_read: -1
2023/08/28 09:41:43 [debug] 19161#0: *15114 SSL_get_error: 5
2023/08/28 09:41:43 [debug] 19161#0: *15114 peer shutdown SSL cleanly
2023/08/28 09:41:43 [error] 19161#0: *15114 upstream prematurely closed connection while reading response header from upstream, client: ::1, server: _, request: "GET /mun/s/agent_ws-SOF46 HTTP/1.1", upstream: "https://1.1.1.1:443/agent_ws-SOF46", host: "localhost"
2023/08/28 09:41:43 [debug] 19161#0: *15114 http next upstream, 2
2023/08/28 09:41:43 [debug] 19161#0: *15114 free rr peer 1 4
2023/08/28 09:41:43 [debug] 19161#0: *15114 finalize http upstream request: 502
2023/08/28 09:41:43 [debug] 19161#0: *15114 finalize http proxy request
2023/08/28 09:41:43 [debug] 19161#0: *15114 SSL_shutdown: 1
2023/08/28 09:41:43 [debug] 19161#0: *15114 close http upstream connection: 23
2023/08/28 09:41:43 [debug] 19161#0: *15114 free: 000055F44692E570
2023/08/28 09:41:43 [debug] 19161#0: *15114 free: 000055F4469EC560
2023/08/28 09:41:43 [debug] 19161#0: *15114 free: 000055F4469DFCE0
2023/08/28 09:41:43 [debug] 19161#0: *15114 free: 000055F446A570D0, unused: 0
2023/08/28 09:41:43 [debug] 19161#0: *15114 event timer del: 23: 1693204953455
2023/08/28 09:41:43 [debug] 19161#0: *15114 reusable connection: 0
2023/08/28 09:41:43 [debug] 19161#0: *15114 http finalize request: 502, "/agent_ws-SOF46?" a:1, c:1
2023/08/28 09:41:43 [debug] 19161#0: *15114 http special response: 502, "/agent_ws-SOF46?"
2023/08/28 09:41:43 [debug] 19161#0: *15114 internal redirect: "/50x.html?"

일부러 업스트림 서버의 IP 주소와 DNS 이름을 더미 서버로 변경했지만 테스트를 거쳐 작동하고 있다는 점을 명심하세요. 이 서버에 다른 역방향 프록시 구성이 있으며 현재 작동 중입니다. 이번 일은 그들과 비슷한 방식으로 이루어졌습니다.

편집: 컬의 응답이 302이기 때문에 업스트림 서버도 다른 것(다른 내부 URL)으로 리디렉션하는 것 같습니다. 업스트림 서버가 수행하는 리디렉션에 문제가 있는 것 같습니다. 이전에 설정된 SSL 세션이 중단될 가능성이 있지만 확실하지 않으며 여전히 추측입니다.

관련 정보