【发布时间】:2021-10-17 13:59:18
【问题描述】:
我有一个使用 Kubernetes 的 docker 部署。在正在运行的 AWS K8“pod”上,我突然出现以下错误:
connect() failed (111: Connection refused) while connecting to upstream, client: X.0.XX.XX, server: _, request: "GET /api/endpoint& HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "domain.com"
这似乎与使用 php-fpm 的 nginx 配置有关,而不是与 Dockerfile 或部署有关。立即修复此错误的方法是重新启动 Kubernetes pod(无论哪个 pod 发生此错误)。
我怀疑如果 php-fpm 在给定的 pod 内发生故障,那是它停止监听端口 9000 的时候?我 ssh 进入 pod 并执行 netstat 来验证这一点,它显示 9000 还活着。
作为参考,这里是 Dockerfile:
FROM trafex/alpine-nginx-php7:1.9.0
USER root
RUN apk add --no-cache file
RUN apk --update add imagemagick
RUN apk --no-cache add php7-redis php7-simplexml php7-iconv php7-imagick
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
ARG gh_token
ADD nginx-host.conf /etc/nginx/nginx.conf
RUN rm -Rf /var/www/html/
COPY . /var/www/html/
RUN composer config --global github-oauth.github.com ${gh_token}
RUN cd /var/www/html/ \
&& composer update
RUN composer config --global github-oauth.github.com "none"
USER nobody
这里是 nginx.conf:
worker_processes auto;
error_log stderr warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# Define custom log format to include reponse times
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status';
access_log /dev/stdout main_timed;
error_log /dev/stderr notice;
keepalive_timeout 65;
# Write temporary files to /tmp so they can be created as a non-privileged user
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
underscores_in_headers on;
map $request_uri $version {
~(?<captured_topdir>^/[a-zA-Z0-9]+[/]) $captured_topdir;
}
# Default server definition
server {
listen [::]:8080 default_server;
listen 8080 default_server;
server_name _;
sendfile off;
client_max_body_size 6M;
root /var/www/html;
index index.php index.html;
# Redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/lib/nginx/html;
}
location / {
rewrite ^/(v[0-9]+|stage|partner)?/(.*)$ /$2 last;
set $new_uri $uri;
try_files $uri $uri/ /index.php?$query_string;
}
# Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param API_VERSION $version;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REQUEST_URI $new_uri;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 5d;
}
# Deny access to . files, for security
location ~ /\. {
log_not_found off;
deny all;
}
# Allow fpm ping and status from localhost
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
}
gzip on;
gzip_proxied any;
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss;
gzip_vary on;
gzip_disable "msie6";
# Include other server configs
include /etc/nginx/conf.d/*.conf;
}
关于 nginx 配置的任何想法可能会出现此错误吗?现在已经完全出乎意料地发生了几次。
【问题讨论】:
-
您在使用 Amazon EKS 吗?有没有发现其他错误?您能否尝试一下 Harsh Manvar 提出的解决方案?
标签: php amazon-web-services docker nginx kubernetes