【发布时间】:2021-07-07 15:59:10
【问题描述】:
我一直在尝试在工作就绪的 NGINX 服务器中实现新的通信流程。服务器在 kubernetes 的 DaemonSet 中运行,且 hostNetwork 为 true。这一新流程会将来自客户端的收入 UDP 连接转发到保留原始端口的一个后端。 我已经尝试过这个配置(在流块内):
server {
listen 12000-12100 udp;
proxy_pass backend_name:$server_port;
proxy_bind $remote_addr:$remote_port transparent;
proxy_responses 0;
resolver 1.2.2.10;
}
当UDP数据包来到nginx时,日志输出为:
2021/07/01 06:19:55 [alert] 30#30: *24650 sendmsg() failed (1: Operation not permitted) while proxying and sending to upstream, udp client: 172.21.2.114, server: 0.0.0.0:12037, upstream: "1.2.123.101:12037", bytes from/to client:1946/0, bytes from/to upstream:0/0
2021/07/01 06:19:56 [alert] 30#30: *24652 sendmsg() failed (1: Operation not permitted) while proxying and sending to upstream, udp client: 172.21.2.114, server: 0.0.0.0:12037, upstream: "1.2.123.101:12037", bytes from/to client:973/0, bytes from/to upstream:0/0
2021/07/01 06:19:58 [alert] 30#30: *24654 sendmsg() failed (1: Operation not permitted) while proxying and sending to upstream, udp client: 172.21.2.114, server: 0.0.0.0:12037, upstream: "1.2.123.101:12037", bytes from/to client:973/0, bytes from/to upstream:0/0
2021/07/01 06:20:02 [alert] 30#30: *24656 sendmsg() failed (1: Operation not permitted) while proxying and sending to upstream, udp client: 172.21.2.114, server: 0.0.0.0:12037, upstream: "1.2.123.101:12037", bytes from/to client:973/0, bytes from/to upstream:0/0
2021/07/01 06:20:10 [alert] 30#30: *24658 sendmsg() failed (1: Operation not permitted) while proxying and sending to upstream, udp client: 172.21.2.114, server: 0.0.0.0:12037, upstream: "1.2.123.101:12037", bytes from/to client:973/0, bytes from/to upstream:0/0
我在主配置文件中使用用户 root 和 worker_processes auto。
我已阅读本指南以帮助我,但没有结果: [https://www.nginx.com/blog/ip-transparency-direct-server-return-nginx-plus-transparent-proxy/][1]
我找不到任何其他人发生过这样的问题,“代理和发送到上游时”的消息在网络中没有巧合。
有人可以帮我解决正在发生的事情吗?
【问题讨论】: