nginx docker容器:502错误的网关响应 [英] nginx docker container: 502 bad gateway response
问题描述
我有一个监听8080端口的服务.这不是一个容器.
I've a service listening to 8080 port. This one is not a container.
然后,我使用正式图片创建了一个nginx容器:
Then, I've created a nginx container using oficial image:
docker run --name nginx -d -v /root/nginx/conf:/etc/nginx/conf.d -p 443:443 -p 80:80 nginx
毕竟:
# netstat -tupln | grep 443
tcp6 0 0 :::443 :::* LISTEN 3482/docker-proxy
# netstat -tupln | grep 80
tcp6 0 0 :::80 :::* LISTEN 3489/docker-proxy
tcp6 0 0 :::8080 :::* LISTEN 1009/java
Nginx配置为:
upstream eighty {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name eighty.domain.com;
location / {
proxy_pass http://eighty;
}
}
我已检查是否可以通过# curl http://127.0.0.1:8080
I've checked I'm able to connect with with this server with # curl http://127.0.0.1:8080
<html><head><meta http-equiv='refresh'
content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body
style='background-color:white; color:white;'>
...
但是,运行情况似乎不错,当我尝试使用浏览器进行访问时,nginx告诉bt 502错误的网关响应.
It seems running well, however, when I'm trying to access using my browser, nginx tells bt a 502 bad gateway response.
我正在弄清楚,这可能是与非容器化过程中的容器和容器之间的可见性有关的问题.我可以在与其他非容器进程打开的端口之间建立稳定的连接吗?
I'm figuring out it can be a problem related with the visibility between a open by a non-containerized process and a container. Can I container stablish connection to a port open by other non-container process?
编辑
记录upstream { server 127.0.0.1:8080; }
所在的位置:
2016/07/13 09:06:53 [error] 5#5: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 62.57.217.25, server: eighty.domain.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "eighty.domain.com"
62.57.217.25 - - [13/Jul/2016:09:06:53 +0000] "GET / HTTP/1.1" 502 173 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" "-"
记录upstream { server 0.0.0.0:8080; }
所在的位置:
62.57.217.25 - - [13/Jul/2016:09:00:30 +0000] "GET / HTTP/1.1" 502 173 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" "-" 2016/07/13 09:00:30 [error] 5#5: *1 connect() failed (111: Connection refused) while connecting to upstream, client:
62.57.217.25, server: eighty.domain.com, request: "GET / HTTP/1.1", upstream: "http://0.0.0.0:8080/", host: "eighty.domain.com" 2016/07/13 09:00:32 [error] 5#5: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 62.57.217.25, server: eighty.domain.com, request: "GET / HTTP/1.1", upstream: "http://0.0.0.0:8080/", host: "eighty.domain.com"
62.57.217.25 - - [13/Jul/2016:09:00:32 +0000] "GET / HTTP/1.1" 502 173 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" "-"
有什么想法吗?
推荐答案
问题
在容器方面,Localhost有点棘手.在docker容器中,localhost指向容器本身. 这意味着,上游是这样的:
The Problem
Localhost is a bit tricky when it comes to containers. Within a docker container, localhost points to the container itself. This means, with an upstream like this:
upstream foo{
server 127.0.0.1:8080;
}
或
upstream foo{
server 0.0.0.0:8080;
}
您正在告诉nginx将您的请求传递给本地主机. 但是在docker-container的上下文中,localhost(和相应的IP地址)指向容器本身:
you are telling nginx to pass your request to the local host. But in the context of a docker-container, localhost (and the corresponding ip addresses) are pointing to the container itself:
通过寻址127.0.0.1,如果您的容器不在主机网络上,您将永远不会到达主机.
by addressing 127.0.0.1 you will never reach your host machine, if your container is not on the host network.
您可以选择在与主机相同的网络上运行nginx:
You can choose to run nginx on the same network as your host:
docker run --name nginx -d -v /root/nginx/conf:/etc/nginx/conf.d --net=host nginx
请注意,在这种情况下,您无需公开任何端口.
Note that you do not need to expose any ports in this case.
这有效,尽管您失去了Docker网络的优势.如果您有多个容器应通过Docker网络进行通信,则此方法可能会成为问题.如果您只想与docker一起部署nginx,并且不想使用任何高级docker网络功能,则此方法很好.
This works though you lose the benefit of docker networking. If you have multiple containers that should communicate through the docker network, this approach can be a problem. If you just want to deploy nginx with docker and do not want to use any advanced docker network features, this approach is fine.
另一个方法是通过添加其远程IP地址来重新配置您的nginx上游指令以直接连接到您的主机:
Another aproach is to reconfigure your nginx upstream directive to directly connect to your host machine by adding its remote IP address:
upstream foo{
//insert your hosts ip here
server 192.168.99.100:8080;
}
容器现在将通过网络堆栈并正确解析主机:
The container will now go through the network stack and resolve your host correctly:
您也可以使用DNS名称.确保Docker知道您的DNS服务器.
You can also use your DNS name if you have one. Make sure docker knows about your DNS server.
这篇关于nginx docker容器:502错误的网关响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!