Nginx *44连接到上游jhipster时connect()失败(111:连接被拒绝)
我在尝试访问显示“502坏网关”/nginx/1.19.3的jhipster链接时被拒绝连接。如有必要,可以无任何问题地访问 下面是我的docker撰写文件 docker-compose.ymlNginx *44连接到上游jhipster时connect()失败(111:连接被拒绝),nginx,docker-compose,jhipster,Nginx,Docker Compose,Jhipster,我在尝试访问显示“502坏网关”/nginx/1.19.3的jhipster链接时被拒绝连接。如有必要,可以无任何问题地访问 下面是我的docker撰写文件 docker-compose.yml version: '3.7' services: keycloak: image: jboss/keycloak:10.0.2 command: [ '-b', '0.0.0.0', #'-Dkeycloak.forceBa
version: '3.7'
services:
keycloak:
image: jboss/keycloak:10.0.2
command:
[
'-b',
'0.0.0.0',
#'-Dkeycloak.forceBackendUrlToFrontendUrl=true',
#'-Dkeycloak.frontendUrl=http://keycloak.t-vrec-ws-01/auth',
'-Dkeycloak.migration.action=import',
'-Dkeycloak.migration.provider=dir',
'-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config',
'-Dkeycloak.migration.strategy=OVERWRITE_EXISTING',
'-Djboss.socket.binding.port-offset=1000',
'-Dkeycloak.profile.feature.upload_scripts=enabled',
]
volumes:
- ./realm-config:/opt/jboss/keycloak/realm-config
- ./technet-certs/keycloak-technet.crt:/etc/x509/https/tls.crt
- ./technet-certs/keycloak-technet.key:/etc/x509/https/tls.key
environment:
# - PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
- DB_VENDOR=h2
ports:
- 80:9080
- 9443:9443
- 10990:10990
gateway:
image: gateway-cacert
environment:
- _JAVA_OPTIONS=-Xmx512m -Xms256m
- 'SPRING_PROFILES_ACTIVE=prod,swagger'
- 'SPRING_DATASOURCE_URL=jdbc:postgresql://gateway-postgresql:5432/gateway'
- 'SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=https://keycloak.technet.local/auth/realms/jhipster'
#- 'SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=https://gateway.t-vrec-ws-01/auth/realms/jhipster'
- SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=web-app
- SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=web-app
- JHIPSTER_SLEEP=30
ports:
- 8443:443
depends_on:
- gateway-postgresql
gateway-postgresql:
image: postgres:12.3
environment:
- POSTGRES_USER=gateway
- POSTGRES_PASSWORD=
- POSTGRES_HOST_AUTH_METHOD=trust
ports:
- 5432:5432
nginx:
image: nginx
depends_on:
- gateway
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./nginx-ssl:/etc/nginx/ssl
ports:
- 443:443
下面是我更新的nginx.conf文件
events {
}
http {
server {
listen 443 ssl;
server_name gateway.technet.local
add_header Strict-Transport-Security "max-age=86400; includeSubdomains; preload" always;
ssl_certificate /etc/nginx/ssl/nginx-selfsigned.crt;
ssl_certificate_key /etc/nginx/ssl/nginx-selfsigned.key;
ssl_session_timeout 20m;
location /ag01 {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://gateway:443;
resolver 127.0.0.1;
}
location /auth {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://keycloak:9443;
resolver 127.0.0.1;
}
}
}
我有点困在这里了,有人能帮我解决这个问题吗?您的nginx配置使用主机端口8843作为网关,而它应该使用容器端口443,因为nginx在容器网络中运行
此外,您的
SPRING\u SECURITY\u OAUTH2\u CLIENT\u PROVIDER\u OIDC\u ISSUER\u URI
变量指向keydove.technet.local
域名,但您没有显示任何具有此类虚拟主机的nginx配置。此名称如何解析为IP地址?谢谢Marziou。在进行更改后,docker compose logs gateway_1|中出现以下错误:org.springframework.web.client.ResourceAccessException:GET请求“”时发生I/O错误:连接被拒绝(连接被拒绝);嵌套异常是java.net.ConnectException:Connection-densed(连接被拒绝)也是在我尝试访问URL时出现的,请参见以下日志中的错误:nginx_1 | 2020/11/21 16:05:05[error]29#29:*16 connect()在连接到上游时失败(113:没有到主机的路由),客户端:172.16.10.53,服务器:gateway.technet.local,请求:“GET/ag01 HTTP/1.1”,上游:“主机:”gateway.technet.local“nginx|u 1 | 172.16.10.53---[21/11/2020:16:05:05+0000]“GET/ag01 HTTP/1.1”502 559“-”Mozilla/5.0(Windows NT 10.0;Win64;x64)AppleWebKit/537.36(KHTML,像Gecko)Chrome/86.0.4240。请不要用太长的评论,编辑您的问题。