我正在尝试创建一个Nginx代理,将请求转发给/< service>到http://< service>.我首先尝试了以下内容:
location ~ ^/(.+)${
set $backend "http://$1:80";
proxy_pass $backend;
}
但它没有说出(当调用/ myservice时):
[error] 7741#0: *1 no resolver defined to resolve http://myservice
由于myservice无法从外部访问,我尝试在同一个pod中安装go-dnsmasq作为边车,我尝试将其用于DNS解析(就像我在this示例中看到的那样)并将我的Nginx配置更改为如下所示:
location ~ ^/(.+)${
resolver 127.0.0.1:53;
set $backend "http://$1:80";
proxy_pass $backend;
}
但现在Nginx失败了:
[error] 9#9: *734 myservice could not be resolved (2: Server failure),client: 127.0.0.1,server: Nginx-proxy,request: "GET /myservice HTTP/1.1",host: "localhost:8080"
127.0.0.1 - xxx [30/May/2016:10:34:23 +0000] "GET /myservice HTTP/1.1" 502 173 "-" "curl/7.38.0" "-"
我的Kubernetes pod看起来像这样:
spec:
containers:
- name: Nginx
image: "Nginx:1.10.0"
ports:
- containerPort: 8080
name: "external"
protocol: "TCP"
- name: dnsmasq
image: "janeczku/go-dnsmasq:release-1.0.5"
args:
- --listen
- "0.0.0.0:53"
在dnsmasq容器中运行netstat -ntlp给了我:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN -
tcp 0 0 :::53 :::* LISTEN 1/go-dnsmasq
并在Nginx容器中运行nmap –min-parallelism 100 -sT -sU localhost:
Starting Nmap 6.47 ( http://nmap.org ) at 2016-05-30 10:33 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00055s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 1997 closed ports
PORT STATE SERVICE
53/tcp open domain
8080/tcp open http-proxy
53/udp open domain
所以看起来dnsmasq和Nginx确实正常运行?我能做错什么?
经过大量的研究和反复试验,我设法解决了这个问题.首先,我将pod规范更改为:
原文链接:https://www.f2er.com/nginx/434992.htmlspec:
containers:
- name: Nginx
image: "Nginx:1.10.0"
ports:
- containerPort: 8080
name: "external"
protocol: "TCP"
- name: dnsmasq
image: "janeczku/go-dnsmasq:release-1.0.5"
args:
- --listen
- "127.0.0.1:53"
- --default-resolver
- --append-search-domains
- --hostsfile=/etc/hosts
- --verbose
然后我还必须在Nginx中为解析器禁用ipv6:
location ~ ^/(.+)${
resolver 127.0.0.1:53 ipv6=off;
set $backend "http://$1:80";
proxy_pass $backend;
}
然后它按预期工作!
