Nginx将502返回给浏览器,但可以很好地使用curl
我有一个MediaWiki在kubernetes集群中运行。kubernetes群集位于具有以下配置的nginx代理之后:Nginx将502返回给浏览器,但可以很好地使用curl,nginx,kubernetes,Nginx,Kubernetes,我有一个MediaWiki在kubernetes集群中运行。kubernetes群集位于具有以下配置的nginx代理之后: worker_processes 4; worker_rlimit_nofile 40000; events { worker_connections 1024; } http { upstream rancher { server 192.168.122.90:80; } map $http_upgrade $conn
worker_processes 4;
worker_rlimit_nofile 40000;
events {
worker_connections 1024;
}
http {
upstream rancher {
server 192.168.122.90:80;
}
map $http_upgrade $connection_upgrade {
default Upgrade;
'' close;
}
server {
listen 443 ssl http2;
server_name .domain;
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://rancher;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
proxy_read_timeout 900s;
proxy_connect_timeout 75s;
}
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
}
我可以进入wiki的主页,但在使用之前必须先登录。当我单击使用OAuth2登录时,我从nginx代理服务器获得502状态(nginx报告上游过早地结束了连接)。如果我对curl执行相同的请求,我会得到一个302,其中授权端点的位置与预期一致。我真的不明白为什么会这样。不使用代理和直接访问集群(从vm主机)的工作方式与正常情况一样,但这不是我想要的。因此,这个问题与nginx和kubernetes无关。这是mediawiki的一个问题,在那里压缩有一些有趣的行为。如果有人遇到类似情况,请查看更多信息:)