文章描述了在Kubernetes环境中,使用NginxIngress访问APIGateway时遇到502BadGateway错误的情况,分析了可能是后台服务未启动或Nginx配置问题,提供了检查和解决步骤的参考链接。
小结
在Kubernetes环境中是通过Nginx Ingress来从外部访问Kubernetes内部的环境,并用API Gateway来分发请求,碰到了 502 Bad gateway.的问题,并尝试解决。
问题
从外部通过Nginx Ingress访问Kubernetes内部的环境API Gateway,返回错误: 502 Bad gateway. 这里API Gateway也起到了Load Balancer的作用。
[john@Node1 ~]$ curl -H 'Host:apigw.com' http://192.168.18.16:80/Test Application/process
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.25.1</center>
</body>
</html>
查看Nginx运行的实例:
[john@Master ~]$ kubectl get pods -o wide -A | tail -n 2
nginx-ingress nginx-ingress-c46vc 1/1 Running 0 31d 10.244.3.163 Node1 <none> <none>
nginx-ingress nginx-ingress-hvqjg 1/1 Running 0 31d 10.244.4.164 Node2 <none> <none>
查看错误日志,
[john@Master ~]$ kubectl logs -f nginx-ingress-hvqjg -n nginx-ingress
可以看到类似以下错误:connect() failed (111: Connection refused) while connecting to upstream。
查看Nginx的配置文件:
[john@Master ~]$ kubectl exec -it nginx-ingress-c46vc -n nginx-ingress -- /bin/bash
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/nginx.conf
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf
解决
通常情况下需要去查找后台服务的问题,有可能是后台服务没有正常启动所导致的连接问题。
确认了后台服务没有问题后,那么需要去看Nginx Ingress的配置问题。
以下是正确Ngnix Ingress配置示例 (在Nginx Ingress的pod中):
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf
# configuration for default/apigw-ingress
upstream default-apigw-ingress-apigw.com-apigw-service-80 {
zone default-apigw-ingress-apigw.com-apigw-service-80 256k;
random two least_conn;
server 10.244.3.169:8090 max_fails=1 fail_timeout=10s max_conns=0;
server 10.244.4.171:8090 max_fails=1 fail_timeout=10s max_conns=0;
}
server {
listen 80;
server_tokens on;
server_name apigw.com;
set $resource_type "ingress";
set $resource_name "apigw-ingress";
set $resource_namespace "default";
location / {
set $service "apigw-service";
proxy_http_version 1.1;
proxy_connect_timeout 60s;
proxy_read_timeout 60s;
proxy_send_timeout 60s;
client_max_body_size 1m;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering on;
proxy_pass http://default-apigw-ingress-apigw.com-apigw-service-80/;
}
location /eureka {
set $service "eureka-lb";
proxy_http_version 1.1;
proxy_connect_timeout 60s;
proxy_read_timeout 60s;
proxy_send_timeout 60s;
client_max_body_size 1m;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering on;
proxy_pass http://default-apigw-ingress-apigw.com-eureka-lb-80/;
}
}
参考
Stackoverflow: 502 Bad gateway when trying to connect to backend
Nginx Ingress Installation with Manifests
server fault: connect() failed (111: Connection refused) while connecting to upstream
stackoverflow: Why does attempting to connect to my ingress show connection refused?
优快云: nginx报错:connect() failed (111: Connection refused) while connecting to upstream
优快云: Nginx报502错误,日志connect() failed (111: Connection refused) while connecting to upstream的个人有效解决方案
Kubernetes Ingress
扫一扫
532
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
