Я уже несколько дней пытаюсь заставить мое соединение nginx работать с php-fpm. Проблема в том, что он всегда дает мне 504 и выдает следующий журнал ошибок:
2018/07/09 10:57:25 [ошибка] 5 # 5: * 10 тайм-аут восходящего потока (110: тайм-аут операции) при подключении к восходящему потоку, клиент: 10.60.0.1, сервер: project.com, запрос: "GET /favicon.ico HTTP / 1.1 ", восходящий поток:" fastcgi: //10.63.243.26: 9000 ", хост:" 35.195.63.176 "
5 # 5: * 7 тайм-аут восходящего потока (110: тайм-аут операции) при подключении к восходящему потоку, клиент: 10.60.0.1, сервер: project.com, запрос: «GET / HTTP / 1.1», восходящий поток: «fastcgi: // 10.63.243.26:9000 ", хост:" 35.195.63.176 "
IP-адрес, к которому он пытается получить доступ, - это IP-адрес службы php-fpm, которая у меня запущена в моих кубернетах, тогда я поставлю вам .yaml моего k8s.
nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
namespace: default
labels:
service: nginx
name: nginx
spec:
type: LoadBalancer
ports:
- name: "80"
port: 80
targetPort: 80
- name: "443"
port: 443
targetPort: 443
selector:
service: nginx
status:
loadBalancer: {}
php-fpm-service.yaml
apiVersion: v1
kind: Service
metadata:
namespace: default
labels:
service: php-fpm
name: php-fpm
spec:
ports:
- name: "9000"
port: 9000
targetPort: 9000
protocol: TCP
selector:
service: php-fpm
status:
loadBalancer: {}
nginx.conf
# User for nginx
user nobody;
# Actives CPUs, value: auto gives a number of CPUs available
worker_processes 1;
# Logs location
error_log /var/log/nginx/error.log;
pid /var/log/nginx/nginx.pid;
# Events is used to set global options that affect how Nginx handles connections at a general level
events {
# Connections per second in one worker
worker_connections 1024;
}
# Define how the program will handle HTTP or HTTPS connections.
http {
# Include configuration files
include /etc/nginx/conf/mime.types;
include /etc/nginx/conf/upstream.conf
# Include symfony conf
include /etc/nginx/conf/symfony.conf;
default_type application/octet-stream;
# Nginx security config
server_tokens off;
# Hold open the TCP connection between the client and the server after an HTTP transaction has completed
keepalive_timeout 15;
}
symfony.conf
# Symfony
server {
# Listen for ipv4; this line is default and implied
listen 80;
listen 443 ssl http2;
# Make site accessible from http://localhost/
server_name project.com www.project.com;
# Folder with source
root /var/www/project/public;
ssl_certificate /etc/ssl/project.crt;
ssl_certificate_key /etc/ssl/project.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
# Try to serve file directly, fallback to index.php
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass php-fpm;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_read_timeout 120;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/index.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
#error_page 404 /404.html;
# location = /404.html
# root /var/www/errors;
# internal;
#}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ \.php$ {
return 404;
}
# Logs from this server
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
Образы докеров Nginx:
FROM nginx:alpine
# Set environment variable
ENV TZ="Europe/Madrid"
# Copy configuration files
COPY nginx.conf /etc/nginx/
COPY mime.types /etc/nginx/conf/mime.types
COPY symfony.conf /etc/nginx/conf/symfony.conf
# Delete default files
RUN rm /etc/nginx/conf.d/default.conf && rm -rf /var/wwww/html
COPY . /var/www/project
# Copy ssl certificates
COPY project.crt /etc/ssl/
COPY project.key /etc/ssl/
# Upstream
RUN echo "upstream php-upstream { server php-fpm:9000; }" > /etc/nginx/conf/upstream.conf
EXPOSE 443
EXPOSE 80
Образ докера PHP-fpm:
FROM php:7.2-fpm
# Set environment and arguments
ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Europe/Madrid
WORKDIR /var/www/project/
# Install and upgrade programs
RUN apt-get update && apt-get upgrade -y
RUN apt-get install -y \
openssl \
unzip \
zip \
zlib1g-dev \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Install apcu
RUN pecl install apcu
# Added extensions to docker
RUN docker-php-ext-install pdo pdo_mysql \
&& docker-php-ext-install zip \
&& docker-php-ext-configure opcache \
&& docker-php-ext-install opcache \
&& docker-php-ext-enable apcu
# Create a user for composer
RUN useradd -m composer -g www-data
# Set user
USER composer
RUN composer global require hirak/prestissimo
COPY . /var/www/project
EXPOSE 9000
Я не знаю, где неправильная конфигурация. Я также оставляю вам развертывание Kubernetes на случай, если это как-то связано с этим.
Nginx-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
service: nginx
name: nginx
namespace: default
spec:
replicas: 1
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
service: nginx
spec:
containers:
- image: nginx-image
name: nginx
imagePullPolicy: Always
ports:
- containerPort: 80
- containerPort: 443
resources: {}
restartPolicy: Always
status: {}
PHP-fpm-deployment.yaml:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
service: php-fpm
name: php-fpm
namespace: default
spec:
replicas: 2
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
service: php-fpm
spec:
containers:
- image: phpImage
name: php-fpm
imagePullPolicy: Always
ports:
- containerPort: 9000
resources: {}
restartPolicy: Always
status: {}
Большое спасибо!