【发布时间】:2019-09-17 10:47:53
【问题描述】:
我有一个容器化应用程序,我正在尝试将标头 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 从我的 nginx 传递到我的 rails 应用程序。
但是当我使用这个标头时,就绪和活跃度探测开始失败,状态为502 and awaiting headers,并且我的部署没有成功完成。
这是kubectl describe pod 的输出,我们看到502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
Warning BackOff 84s (x33 over 8m56s) kubelet, gke-cluster-1-upgraded-pool--v82p Back-off restarting failed container
以前的标头值为proxy_set_header X-Forwarded-For $http_x_forwarded_for;
下面是我nginx.conf的相关部分
http {
set_real_ip_from 1.2.3.4; -- example ip
real_ip_header X-Forwarded-For;
real_ip_recursive on;
server {
listen 80 default_server;
server_name _;
client_max_body_size 16m;
location @app {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
}
}
}
以下是我的部署文件,我尝试只保留相关部分并删除了卷挂载和数据库连接设置
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: backend
spec:
template:
metadata:
labels:
app: backend
spec:
initContainers:
- name: nginx-config
image: my_nginx
command: ['/bin/sh', '-c']
args: ["sed -i -e 's/gzip_types/gzip_types application\\/json/g' /etc/nginx/nginx.conf && mv /etc/nginx/* /etc/nginx-new/"]
volumeMounts:
- name: nginx-config
mountPath: /etc/nginx-new
- name: copy-assets
image: unicorn_image
command: ['sh', '-c', 'cp -a /app/public/* /mnt/']
volumeMounts:
- name: assets
mountPath: /mnt
containers:
- name: unicorn
image: unicorn_image
ports:
- containerPort: 3000
env:
livenessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
- name: nginx
image: my_nginx
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
volumeMounts:
- name: assets
mountPath: /var/www
readOnly: true
- name: nginx-config
mountPath: /etc/nginx
更新:我看到 nginx 容器没有被创建。请看下文
kubectl exec -it backend-6f4974cfd6-jtnqk -c nginx -- /bin/bash
error: unable to upgrade connection: container not found ("nginx")
不确定更新标头是如何导致问题的。
谁能指出我如何解决它的正确方向,谢谢。
【问题讨论】:
-
可以分享一下k8s的.yml配置吗
-
嗨@error404,我已经用部署配置文件更新了问题
-
@error404,我发布了另一个问题的更新
标签: nginx kubernetes kubernetes-ingress nginx-ingress