Websocket 正在将haproxy设置为NodeB的负载平衡器，但socket.io存在问题_Websocket_Socket.io_Haproxy_Http Status Code 403_Nodebb

Websocket 正在将haproxy设置为NodeB的负载平衡器，但socket.io存在问题

websocket socket.io

Websocket 正在将haproxy设置为NodeB的负载平衡器，但socket.io存在问题,websocket,socket.io,haproxy,http-status-code-403,nodebb,Websocket,Socket.io,Haproxy,Http Status Code 403,Nodebb,我正试图在haproxy后面的两个节点上运行nodeb。简单的浏览工作，但socket.io不断得到403 我的haproxy.cfg如下所示： frontend http-in mode http bind 0.0.0.0:80 redirect scheme https code 301 if !{ ssl_fc } frontend https-in bind 0.0.0.0:443 ssl crt /etc/letsencrypt/live/test/t

我正试图在haproxy后面的两个节点上运行nodeb。简单的浏览工作，但socket.io不断得到403

我的haproxy.cfg如下所示：

frontend http-in
    mode http
    bind 0.0.0.0:80
    redirect scheme https code 301 if !{ ssl_fc }

frontend https-in
    bind 0.0.0.0:443 ssl crt /etc/letsencrypt/live/test/test.pem
    http-response set-header strict-transport-security "max-age=31536000; includeSubDomains"
    http-response set-header Content-Security-Policy "default-src 'self' wss: https: *.startech-rd.tk/*; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com; style-src 'self' 'unsafe-inline' https:; img-src 'self' https://casper.ghost.org/ https://www.gravatar.com/ data:; font-src 'self' https:"
    http-response set-header X-XSS-Protection "1; mode=block"
    http-response set-header X-Content-Type-Options "nosniff"
    http-response set-header Referrer-Policy "no-referrer"
    reqadd X-Forwarded-Proto:\ https
    acl is_websocket hdr(Upgrade) -i WebSocket
    acl is_websocket path_sub -i /socket.io/
    use_backend bk_ws if is_websocket
    acl acl_comments path_beg -i /comments
    use_backend comments if acl_comments

backend comments
mode         http
balance      leastconn
timeout      connect 1s
timeout      server  600s
timeout      queue   600s
option redispatch
retries 3
acl is_woff capture.req.uri -m sub .woff
acl is_ttf capture.req.uri -m sub .ttf
acl is_eot capture.req.uri -m sub .eot
http-response set-header Cache-Control public if is_eot or is_woff or is_ttf
http-response set-header Expires -1 if is_eot or is_woff or is_ttf
http-response set-header Pragma cache if is_eot or is_woff or is_ttf
cookie nodebb insert indirect nocache secure

server node1 10.160.125.81:4567 cookie nodebb_node1 check inter 1000 fastinter 500 rise 2 fall 1
server node2 10.160.125.82:4567 cookie nodebb_node2 check inter 1000 fastinter 500 rise 2 fall 1

backend bk_ws
option redispatch
balance roundrobin
option forwardfor
option httpclose
server node1 10.160.125.81:4567 maxconn 30000 weight 10 cookie ws_node1 check
server node2 10.160.125.82:4567 maxconn 30000 weight 10 cookie ws_node2 check

Websocket连接一直都是403

更新：我尝试在没有haproxy的情况下直接连接，WebSocket连接正确。然而，我看到使用haproxy，websocket协议从wss变为https

有没有办法防止这种情况发生？

阅读HAProxy日志。验证请求是否转到正确的后端，

bk\u ws

。然后读取特定服务器上的日志。是的，它会转到正确的后端，但是在NodeB日志中的后端，我看不到任何内容。