logo标签列表

使用Nginx反向代理Docker Flask应用程序时出现502 Bad Gateway错误

nginxdocker-composenginx-reverse-proxy
3
我遇到了创建反向代理到我的 Docker 应用程序的问题,该应用程序公开端口 5000。理想情况下,我希望能够使用子域名。
这是我的 docker-compose.yaml 文件:
version: "2"
services:
  nginx:
    image: nginx:1.15-alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx:/etc/nginx/conf.d
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
    restart: always
  certbot:
    image: certbot/certbot
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
    restart: always
  db:
    image: mysql:5.7
    ports:
      - "32000:3306"
    environment:
      MYSQL_DATABASE: drinks
      MYSQL_RANDOM_ROOT_PASSWORD: "yes"
      MYSQL_USER: my_user
      MYSQL_PASSWORD: password_here
    volumes:
      - my-datavolume:/var/www/mysql
  app:
    restart: always
    build: ./
    links:
      - db
    ports:
      - "5000:5000"
volumes:
  my-datavolume:

这是我的DockerFile文件:

FROM python:3.6-alpine

# create a new user named marty
RUN adduser -D marty

# current directory where the app will be installed
WORKDIR /home/marty

# copy file from the machine to the container file system
COPY app app
COPY requirements.txt requirements.txt

# run a virtual env and install requirements
RUN python3 -m venv venv
CMD source ./venv/bin/activate
RUN apk add --no-cache --virtual .pynacl_deps build-base python3-dev libffi-dev openssl-dev
RUN pip install -r requirements.txt


# The EXPOSE instruction indicates the ports on which a container # # will listen for connections
# Since Flask apps listen to port 5000  by default, we expose it
EXPOSE 5000

# Run app.py when the container launches
CMD python app/app.py

最后,这是我的nginx配置:

server {
    listen 80;
    server_name api.example.com;
    location / {
        return 301 https://$host$request_uri;
    }
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}
server {
    listen 443 ssl;
    server_name api.example.com;

    location / {
        proxy_pass http://0.0.0.0:5000;
    }

    ssl_certificate /etc/letsencrypt/live/api.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/api.example.com/privkey.pem;

    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

由于某些原因,当我访问api.example.com时,一直出现502 Bad gateway错误。
我已经创建了api和www.api的A记录。 a records
1个回答
1
问题出在Centos 7和Selinux上。我通过转换到Debian并发誓永远不再使用Centos来解决了这个问题。
我也遇到了同样的问题,而 setenforce 0 命令使请求得以启用。我不会将任何责任归咎于 CentOS,当然也不会归咎于 nginx;这只是由于 selinux 的设置方式(不允许轻松打开除 443 和 80 端口之外的端口)。感谢您的建议! - P Marecki
我有完全相同的配置,但在Debian上运行时仍然出现这个错误 :/ - dnuske
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接