如何使用uWSGI将nginx配置为不同子网上不同nginx 运行的反向代理?
how to configure nginx as reverse proxy to different nginx running on different subnet with uWSGI?
这比this article、
领先一步
以下是当前流程和配置,它正在运行。我可以从 /16 机器访问 UI。这是别人做的。我猜是按照上面的文章。
Client------------------nginx----------------------nginx
192.168.13.90/16 eth0 - 192.168.13.2/16 eth0 - 192.168.13.9/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
我是 nginx 和 python 的初学者。在以下情况下,我正在尝试将 nginx 配置为 eth0.1 接口上的反向代理,
Client------------------nginx---------------------nginx
182.28.129.201/24 eth0 - 192.168.13.9/16 eth0 - 192.168.13.2/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
下面是当前的 nginx 配置文件以及我当前的试错评论,
Edit2 - 注释掉来自上游 nginx 反向代理服务器
的特殊 login.html 页面的位置块
# /etc/nginx/nginx.conf
# 192.168.13.2/16 - this upstream server
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/access.log;
error_log /var/log/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
下面是上面nginx.conf包含的ui.conf文件,
# /etc/nginx/sites-enabled/ui.conf
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
#location = /login.html { <--------- Edit2
# return 301 /;
#}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
以下是不同子网上 eth0.1 上的 nginx.conf,
Edit1 - 我在这个配置中面临的问题是请求被代理到上游 nginx 服务器,但响应是 gzip 和分块的。我没有在客户端上看到页面加载。
Edit2 - 我为特殊页面添加了位置块 login.html 并加载了该页面,但它停留在重定向页面。请参阅下面的 wireshark 流,
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6"; # <----------- Edit2
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
#rewrite ^(.*) $scheme://$server_name permanent;
location = /login.html { # <---------- Edit2
proxy_pass http://192.168.13.2:80/;
}
location / {
proxy_pass http://192.168.13.2:80;
# trial and error
#proxy_http_version 1.1;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto http;
#proxy_bind 192.168.13.9;
#proxy_buffering off;
}
}
}
Edit2 - Wireshark 流,卡在重定向页面,/home
POST /login.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://182.28.129.202:8080/login.html
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: 182.28.129.202:8080
Content-Length: 33
DNT: 1
Connection: Keep-Alive
Cache-Control: no-cache
password=xxxxxxxxxx&login-submit=Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 20:10:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 239
Connection: close
Location: http://192.168.13.2/home
Set-Cookie: remember_token=admin|c8aa43aab8b27724a207eb28ac7d1034d1e274fc4f528002a2d6106bb7c36a41756f6951d518f632d426a7d8c8257ad00dbab78e3daf7a5bbbc723ba33107e5e; Expires=Fri, 07-Dec-2018 20:10:50 GMT; Path=/
Set-Cookie: session=.eJw1zksKwzAMRdG9eNyBLUeSnc0E2ZJoBgkln1Hp3msonT4uvPMOix92PsN8Hbc9wrJqmAMgdgOPWhJx06jSM-lEuUKN5CzelFJJJY-pRs5QDLkgRWsdPZZkTZETkRikws1gUufeRL0a9zhlHAlXFEDPYlLHW1RI3sAYwoC87Nhkt_360-7Tjh9PdFv38PkC4lY3Tg.DQsxyg.lZrpSNvXnwE-JHT5t6qlYLAQP4Y; Expires=Sun, 07-Jan-2018 20:10:50 GMT; HttpOnly; Path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/home">/home</a>. If not click the link.
首先,我试图通过 HTTP 访问 UI,然后使用 HTTPS。由于我在这方面的知识,我无法继续前进,非常感谢任何指导。
谢谢,
我做了很多试验和错误,这就是观察奇怪错误的地方。以下是对我有用的配置文件。希望对大家有帮助。
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
location = /login.html {
rewrite ^ http://192.168.13.2/ last;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6";
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
location / {
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://192.168.13.2:80;
}
}
}
这比this article、
领先一步以下是当前流程和配置,它正在运行。我可以从 /16 机器访问 UI。这是别人做的。我猜是按照上面的文章。
Client------------------nginx----------------------nginx
192.168.13.90/16 eth0 - 192.168.13.2/16 eth0 - 192.168.13.9/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
我是 nginx 和 python 的初学者。在以下情况下,我正在尝试将 nginx 配置为 eth0.1 接口上的反向代理,
Client------------------nginx---------------------nginx
182.28.129.201/24 eth0 - 192.168.13.9/16 eth0 - 192.168.13.2/16
eth0.1 - 182.28.129.202/24
|
|
uWSGI
下面是当前的 nginx 配置文件以及我当前的试错评论,
Edit2 - 注释掉来自上游 nginx 反向代理服务器
的特殊login.html 页面的位置块
# /etc/nginx/nginx.conf
# 192.168.13.2/16 - this upstream server
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/access.log;
error_log /var/log/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
下面是上面nginx.conf包含的ui.conf文件, # /etc/nginx/sites-enabled/ui.conf
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
#location = /login.html { <--------- Edit2
# return 301 /;
#}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
以下是不同子网上 eth0.1 上的 nginx.conf,
Edit1 - 我在这个配置中面临的问题是请求被代理到上游 nginx 服务器,但响应是 gzip 和分块的。我没有在客户端上看到页面加载。
Edit2 - 我为特殊页面添加了位置块 login.html 并加载了该页面,但它停留在重定向页面。请参阅下面的 wireshark 流,
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6"; # <----------- Edit2
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
#rewrite ^(.*) $scheme://$server_name permanent;
location = /login.html { # <---------- Edit2
proxy_pass http://192.168.13.2:80/;
}
location / {
proxy_pass http://192.168.13.2:80;
# trial and error
#proxy_http_version 1.1;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto http;
#proxy_bind 192.168.13.9;
#proxy_buffering off;
}
}
}
Edit2 - Wireshark 流,卡在重定向页面,/home
POST /login.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://182.28.129.202:8080/login.html
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: 182.28.129.202:8080
Content-Length: 33
DNT: 1
Connection: Keep-Alive
Cache-Control: no-cache
password=xxxxxxxxxx&login-submit=Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 20:10:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 239
Connection: close
Location: http://192.168.13.2/home
Set-Cookie: remember_token=admin|c8aa43aab8b27724a207eb28ac7d1034d1e274fc4f528002a2d6106bb7c36a41756f6951d518f632d426a7d8c8257ad00dbab78e3daf7a5bbbc723ba33107e5e; Expires=Fri, 07-Dec-2018 20:10:50 GMT; Path=/
Set-Cookie: session=.eJw1zksKwzAMRdG9eNyBLUeSnc0E2ZJoBgkln1Hp3msonT4uvPMOix92PsN8Hbc9wrJqmAMgdgOPWhJx06jSM-lEuUKN5CzelFJJJY-pRs5QDLkgRWsdPZZkTZETkRikws1gUufeRL0a9zhlHAlXFEDPYlLHW1RI3sAYwoC87Nhkt_360-7Tjh9PdFv38PkC4lY3Tg.DQsxyg.lZrpSNvXnwE-JHT5t6qlYLAQP4Y; Expires=Sun, 07-Jan-2018 20:10:50 GMT; HttpOnly; Path=/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/home">/home</a>. If not click the link.
首先,我试图通过 HTTP 访问 UI,然后使用 HTTPS。由于我在这方面的知识,我无法继续前进,非常感谢任何指导。
谢谢,
我做了很多试验和错误,这就是观察奇怪错误的地方。以下是对我有用的配置文件。希望对大家有帮助。
# 192.168.13.2/16 - this upstream server
server {
listen 192.168.13.2:80;
server_name 192.168.13.2:80;
access_log /var/log/access.log;
error_log /var/log/error.log;
# No physical login.html,
# it is passing it to root which is login screen
location = /login.html {
rewrite ^ http://192.168.13.2/ last;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/var/run/ui.sock;
}
}
# /etc/nginx/nginx.conf
# eth0 - 192.168.13.9/16
# eth0.1 - 182.28.129.202/24 - Reverse proxy
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
#tcp_nopush on;
keepalive_timeout 0; #Disable
gzip on;
gzip_disable "msie6";
server {
listen 182.28.129.202:8080;
server_name 182.28.129.202:8080;
location / {
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://192.168.13.2:80;
}
}
}