Fatal编程技术网
  • tomcat/
  • Tomcat 当代理服务器关闭时,NGINX反向代理返回502坏网关

Tomcat 当代理服务器关闭时,NGINX反向代理返回502坏网关

tomcat nginx proxy

Tomcat 当代理服务器关闭时,NGINX反向代理返回502坏网关,tomcat,nginx,proxy,Tomcat,Nginx,Proxy,我将nginx设置为apachetomcat的反向代理。它像我预料的那样正常工作。然而,当ApacheTomcat服务器关闭时,NGINX总是返回502坏网关时,我感到困惑。而不是返回504错误网关超时 502坏网关: 服务器充当网关或代理,并从上游服务器收到无效响应 504网关超时 服务器充当网关或代理,未收到来自上游服务器的及时响应 因此,如果代理服务器关闭,NGINX将以HTTP错误代码502、503?响应。默认情况下,SELinux配置不允许NGINX连接到远程web、fastCGI或其

我将nginx设置为apachetomcat的反向代理。它像我预料的那样正常工作。然而,当ApacheTomcat服务器关闭时,NGINX总是返回502坏网关时,我感到困惑。而不是返回504错误网关超时

502坏网关: 服务器充当网关或代理,并从上游服务器收到无效响应

504网关超时 服务器充当网关或代理,未收到来自上游服务器的及时响应

因此,如果代理服务器关闭,NGINX将以HTTP错误代码502、503?

响应。默认情况下,SELinux配置不允许NGINX连接到远程web、fastCGI或其他服务器。您可以使用setEnforce0设置许可模式,以检查是否应归咎于SELinux。如果是,您只需使用audit2allow生成一组允许执行所需操作的策略规则:

grep nginx/var/log/audit/audit.log | audit2allow-M nginx

semodule-i nginx.pp

之后,请记住再次使用setEnforce1启用SELinux

有关详细信息,请参见。

这很有效,谢谢!。这应该被标记为答案 
user  root;
worker_processes  1;

events {
        worker_connections  1024;
}

http {
       include       mime.types;
       default_type  application/octet-stream;
       sendfile        on;

       ssl_session_cache   shared:SSL:20m;
       ssl_session_timeout 10m;
       keepalive_timeout  65;

       map $http_upgrade $connection_upgrade {
               default Upgrade;
               '' close;
       }

        server {
                listen          *:80;
                return 301      https://$host:443$request_uri;
        }

        server{
                listen       *:443; #Ip of client
                # Specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.
                client_max_body_size 1024M;
                # ssl config
                ssl                  on;
                ssl_certificate      server.crt;
                ssl_certificate_key  server.key;

                # for proxy timeout
                proxy_connect_timeout 75s;
                proxy_read_timeout 600s;
                proxy_send_timeout 600s;

                # not cache authorization
                proxy_no_cache $http_pragma $http_authorization;


                location /wss {
                        rewrite ^.*\/wss\/(?<api>.*) /$api break;
                        proxy_pass http://127.0.0.1:8071;

                        # for websocket
                       proxy_set_header Upgrade $http_upgrade;
                       proxy_set_header Connection $connection_upgrade;
                       proxy_http_version 1.1;
                       proxy_buffering off;
                       proxy_ignore_client_abort off;
                       proxy_read_timeout 1d;
                       proxy_send_timeout 1d;
                }

                location / {
                        proxy_buffering off;
                        proxy_pass http://127.0.0.1:8071;
                }
        }
}

proxy_connect_timeout 75s;
proxy_read_timeout 600s;
proxy_send_timeout 600s;