Kubernetes Nginx容器无法访问php-fpm容器
Kubernetes Nginx容器无法访问php-fpm容器
提问于 2022-07-19 06:03:47
我为nginx和php容器创建了2个Kubernetes部署。但出于某种原因,nginx的通信量似乎无法成功地到达php-fpm容器,从而产生以下错误:
172.18.0.1 - - [18/Jul/2022:16:51:10 +0000] "GET / HTTP/1.1" 404 555 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36"这是我的部署文件
apiVersion: v1
kind: ConfigMap
metadata:
name: web-server-config
namespace: dev-api
data:
nginx.conf: |
server {
listen 80;
index index.php index.html;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html/public;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass api-web-svc:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
gzip_static on;
}
}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: php-config
namespace: dev-api
data:
laravel.ini: |
upload_max_filesize: 80M
post_max_size: 80M
---
apiVersion: v1
kind: Secret
metadata:
name: api-web-secret
namespace: dev-api
type: Opaque
data:
...
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-web
namespace: dev-api
spec:
selector:
matchLabels:
app: api-web
replicas: 1
template:
metadata:
labels:
app: api-web
spec:
containers:
- name: api-web
image: XXX.dkr.ecr.us-east-1.amazonaws.com/api-web:0.9.4-alpha
volumeMounts:
- name: php-config
mountPath: /usr/local/etc/php/conf.d/laravel.ini
- name: env-config
mountPath: /var/www/html/.env
ports:
- containerPort: 9000
volumes:
- name: php-config
configMap:
name: php-config
- name: env-config
secret:
secretName: api-web-secret
imagePullSecrets:
- name: regcred
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: dev-api
spec:
selector:
matchLabels:
app: nginx
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:alpine
volumeMounts:
- name: web-server-config
mountPath: /etc/nginx/conf.d/
ports:
- containerPort: 80
volumes:
- name: web-server-config
configMap:
name: web-server-config
---
apiVersion: v1
kind: Service
metadata:
name: web-server-svc
namespace: dev-api
spec:
type: NodePort
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 32420
---
apiVersion: v1
kind: Service
metadata:
name: api-web-svc
namespace: dev-api
labels:
app: api-web
spec:
type: ClusterIP
selector:
app: api-web
ports:
- protocol: TCP
port: 9000namespace是单独声明的。每个部署中的两个容器都成功运行。
k logs deployment/nginx-deployment -n dev-api
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/07/18 16:18:50 [notice] 1#1: using the "epoll" event method
2022/07/18 16:18:50 [notice] 1#1: nginx/1.21.6
2022/07/18 16:18:50 [notice] 1#1: built by gcc 10.3.1 20211027 (Alpine 10.3.1_git20211027)
2022/07/18 16:18:50 [notice] 1#1: OS: Linux 5.4.0-109-generic
2022/07/18 16:18:50 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/07/18 16:18:50 [notice] 1#1: start worker processes
2022/07/18 16:18:50 [notice] 1#1: start worker process 21
2022/07/18 16:18:50 [notice] 1#1: start worker process 22
2022/07/18 16:18:50 [notice] 1#1: start worker process 23
2022/07/18 16:18:50 [notice] 1#1: start worker process 24
2022/07/18 16:18:50 [notice] 1#1: start worker process 25
2022/07/18 16:18:50 [notice] 1#1: start worker process 26
2022/07/18 16:18:50 [notice] 1#1: start worker process 27
2022/07/18 16:18:50 [notice] 1#1: start worker process 28 k logs deployment/api-web -n dev-api
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[18-Jul-2022 16:18:51] NOTICE: fpm is running, pid 1
[18-Jul-2022 16:18:51] NOTICE: ready to handle connections用于在api-web:0.9.4-alpha部署中生成映像api-web的Dockerfile如下所示
FROM php:7.2-fpm
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/html/
# Set working directory
WORKDIR /var/www/html
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
curl \
nodejs \
npm
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl
RUN docker-php-ext-configure gd --with-gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/
RUN docker-php-ext-install gd
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www
# Copy existing application directory contents
COPY . /var/www/html/
# Copy existing application directory permissions
COPY --chown=www:www . /var/www/html/
# Change current user to www
USER www
## Run composer dependencies
RUN composer update
RUN composer install
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]这个Dockerfile运行也很好,没有任何问题。使用此映像的docker-compose文件也不存在任何问题。
您是否知道为什么来自nginx-deployment容器的流量无法通过错误到达api-web php-fpm容器?
172.18.0.1 - - [18/Jul/2022:16:51:10 +0000] "GET / HTTP/1.1" 404 555 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36"回答 2
Stack Overflow用户
发布于 2022-07-19 09:02:48
据我所知,这两个荚,或至少容器需要相同的源文件。如果nginx不知道这个php文件的存在,它就不能将请求转发到php容器。
我说的是容器,但我不建议将nginx和php分割成单独的荚。更有可能的是,我会把这些容器作为一个单元来启动,在一个容器中有相同的源。除非你有某种Cron作业或批处理作业。
Stack Overflow用户
发布于 2022-07-19 10:03:42
如果使用,则建议在单个php-fpm中维护两个容器,但是,如果已经在现有设置中使用Nginx入口控制器或任何其他代理支持php-fpm,则不需要以sidecar或其他部署方式运行Nginx。
apiVersion: extensions/v1
kind: Deployment
metadata:
labels:
app: wordpress-site
name: wordpress-site
namespace: development
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: wordpress-site
tier: frontend
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: wordpress-site
tier: frontend
spec:
volumes:
- configMap:
defaultMode: 256
name: nginxthroughpass
optional: false
name: nginxconf
- name: shared-files
emptyDir: {}
containers:
- name: app
image: <REPLACE WITH DOCKER PHP-FPM IMAGE URL>
imagePullPolicy : IfNotPresent
volumeMounts:
- name: shared-files
mountPath: /var/www/html
envFrom:
- configMapRef:
name: wordpress-configmap
- name: nginx
image: nginx
imagePullPolicy : IfNotPresent
volumeMounts:
- name: shared-files
mountPath: /var/www/html
- mountPath: /etc/nginx/conf.d
name: nginxconf
readOnly: true参考文献:https://github.com/harsh4870/Kubernetes-wordpress-php-fpm-nginx
或
如果不想运行 Nginx 容器,也可以使用Nginx入口将流量转发给php-fpm容器。
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/fastcgi_send_timeout: "1800"
nginx.ingress.kubernetes.io/fastcgi_read_timeout: "1800"
nginx.ingress.kubernetes.io/backend-protocol: "FCGI"
nginx.ingress.kubernetes.io/fastcgi-index: "index.php"
nginx.ingress.kubernetes.io/fastcgi-params-configmap: "development/word-cm"
nginx.ingress.kubernetes.io/server-snippets: |
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress-site:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
name: wordpress-dev
spec:
rules:
- host: dev.example.io
http:
paths:
- backend:
serviceName: php-fpm-service
servicePort: 80您也可以使用这个入口作为ref:https://github.com/harsh4870/Kubernetes-wordpress-php-fpm-nginx/blob/master/ingress.yaml
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/73031856
复制相关文章
相似问题
腾讯云开发者
