如何将 nginx 配置为使用 uWSGI 在不同子网上运行的不同 nginx 的反向代理?

【问题标题】:how to configure nginx as reverse proxy to different nginx running on different subnet with uWSGI?如何将 nginx 配置为使用 uWSGI 在不同子网上运行的不同 nginx 的反向代理?
【发布时间】:2018-01-11 09:52:41
【问题描述】:

这比this article领先一步,

以下是当前流程和配置,它正在运行。我可以从 /16 机器访问 UI。这是别人做的。我想通过上面的文章。

Client------------------nginx----------------------nginx
192.168.13.90/16   eth0 - 192.168.13.2/16   eth0   - 192.168.13.9/16
                                            eth0.1 - 182.28.129.202/24
                                                     |
                                                     |
                                                   uWSGI

我是 nginx 和 python 的初学者。我正在尝试在以下场景中将 nginx 配置为eth0.1 接口上的反向代理,

Client------------------nginx---------------------nginx
182.28.129.201/24  eth0 - 192.168.13.9/16   eth0 - 192.168.13.2/16
                   eth0.1 - 182.28.129.202/24
                                                    |
                                                    |
                                                  uWSGI

以下是当前的 nginx 配置文件以及我当前的试错 cmets,

Edit2 - 注释掉上游 nginx 反向代理服务器中特殊 login.html 页面的位置块

# /etc/nginx/nginx.conf
# 192.168.13.2/16  - this upstream server

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;
    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    access_log /var/log/access.log;
    error_log /var/log/error.log;

    gzip on;
    gzip_disable "msie6";

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

下面是上面nginx.conf包含的ui.conf文件, # /etc/nginx/sites-enabled/ui.conf

# 192.168.13.2/16  -  this upstream server

server {
    listen 192.168.13.2:80;
    server_name 192.168.13.2:80;

    access_log /var/log/access.log;
    error_log /var/log/error.log;

    # No physical login.html,
    #  it is passing it to root which is login screen
    #location = /login.html {                          <--------- Edit2
    #   return 301 /;
    #}

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/var/run/ui.sock;
    }
}

以下是不同子网上eth0.1 上的 nginx.conf,

Edit1 - 这个配置我面临的问题是请求被代理到上游 nginx 服务器,但响应是 gzip 和分块的。我没有在客户端上看到页面加载。

Edit2 - 我为特殊页面 login.html 添加了位置块,它加载了该页面,但它卡在了重定向页面上。请参阅下面的wireshark流,

# /etc/nginx/nginx.conf

# eth0   - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24  - Reverse proxy

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log debug;

pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  0;   #Disable

    gzip  on;
    gzip_disable    "msie6";                          #   <----------- Edit2

    server {
        listen          182.28.129.202:8080;
        server_name     182.28.129.202:8080;

        #rewrite        ^(.*) $scheme://$server_name$1 permanent;

        location = /login.html {                       #   <---------- Edit2
            proxy_pass              http://192.168.13.2:80/;
        }

        location / {
            proxy_pass              http://192.168.13.2:80;

            #  trial and error
            #proxy_http_version     1.1;
            #proxy_set_header       Host $host;
            #proxy_set_header       X-Real-IP $remote_addr;
            #proxy_set_header       X-Forwarded-For $proxy_add_x_forwarded_for;
            #proxy_set_header       X-Forwarded-Proto http;
            #proxy_bind             192.168.13.9;
            #proxy_buffering        off;
        }
    }
}

Edit2 - Wireshark 流,卡在重定向页面,/home

POST /login.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://182.28.129.202:8080/login.html
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: 182.28.129.202:8080
Content-Length: 33
DNT: 1
Connection: Keep-Alive
Cache-Control: no-cache

password=xxxxxxxxxx&login-submit=Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 20:10:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 239
Connection: close
Location: http://192.168.13.2/home
Set-Cookie: remember_token=admin|c8aa43aab8b27724a207eb28ac7d1034d1e274fc4f528002a2d6106bb7c36a41756f6951d518f632d426a7d8c8257ad00dbab78e3daf7a5bbbc723ba33107e5e; Expires=Fri, 07-Dec-2018 20:10:50 GMT; Path=/
Set-Cookie: session=.eJw1zksKwzAMRdG9eNyBLUeSnc0E2ZJoBgkln1Hp3msonT4uvPMOix92PsN8Hbc9wrJqmAMgdgOPWhJx06jSM-lEuUKN5CzelFJJJY-pRs5QDLkgRWsdPZZkTZETkRikws1gUufeRL0a9zhlHAlXFEDPYlLHW1RI3sAYwoC87Nhkt_360-7Tjh9PdFv38PkC4lY3Tg.DQsxyg.lZrpSNvXnwE-JHT5t6qlYLAQP4Y; Expires=Sun, 07-Jan-2018 20:10:50 GMT; HttpOnly; Path=/

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/home">/home</a>.  If not click the link.

首先,我尝试能够通过 HTTP 访问 UI,然后使用 HTTPS。由于我在这方面的知识,我无法继续前进,非常感谢任何指导。

谢谢,

【问题讨论】:

  • 问题/问题是什么?
  • 哦,我错过了写那个。请看我的Edit1。我认为它最初应该很简单,但看起来并不那么简单。
  • 所以它成功地从一个 nginx 转到另一个 nginx,然后调用 uWSGI 服务器正常。但它是 gzip 多次?
  • 是的,响应分为多个块并压缩。让我在某个时候发布一个wireshark流文本。
  • @ShawnC。我做了一些更改,并使用详细信息和 wireshark 流编辑了我的帖子。寻找 Edit2。

标签: nginx uwsgi nginx-reverse-proxy


【解决方案1】:

我做了很多试验和错误,这就是观察到奇怪错误的地方。以下是对我有用的配置文件。希望它对某人有所帮助。

# 192.168.13.2/16  -  this upstream server

server {
    listen 192.168.13.2:80;
    server_name 192.168.13.2:80;

    access_log /var/log/access.log;
    error_log /var/log/error.log;

    # No physical login.html,
    #  it is passing it to root which is login screen
    location = /login.html {
       rewrite ^ http://192.168.13.2/ last;
    }

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/var/run/ui.sock;
    }
}

# /etc/nginx/nginx.conf

# eth0   - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24  - Reverse proxy

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log debug;

pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  0;   #Disable

    gzip  on;
    gzip_disable    "msie6";

    server {
        listen          182.28.129.202:8080;
        server_name     182.28.129.202:8080;

        location / {
            proxy_buffering     off;
            proxy_set_header    Host $http_host;
            proxy_set_header    X-Real-IP $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto http;
            proxy_pass          http://192.168.13.2:80;
        }
    }
}

【讨论】:

    猜你喜欢
    • 2019-07-15
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2017-08-14
    • 2020-04-26
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode