我有一个工作 NGINX > UWSGI > Django REST 应用程序,其中大文件上传被直接发送到 NGINX。上传完成后,Django 会收到上传完成的通知,并进一步更新其数据库。
但是,一旦我将 auth_request 子请求添加到 NGINX 配置,我就会收到上游 502 错误。根据我发现的信息(在 SO 以及其他地方),我尝试了许多不同的东西。我看到的所有示例都没有专门使用 UWSGI。大多数 auth_request 示例只是指一些已连接的 auth-server,但没有进一步的细节。您可以在下面找到我正在使用的一些配置文件。没有 'auth_request /auth' 语句, nginx.conf 可以正常工作。
Eveything 在 yoda_default 网络上的 Docker 容器中运行。我的 Django 后端容器名为 yoda_web 并在端口 8001 上运行,这就是您在 nginx.conf (uwsgi_pass yoda_web:8001) 中看到的内容。NGINX 本身在 8002 端口上运行。在底部,有我用来测试所有内容的 pytest 脚本。如果没有 nginx.conf 中的“auth_request”语句,它可以正常工作(见下面的输出)
yoda_nginx | 172.31.0.1 - - [28/Nov/2021:08:59:17 +0000] "POST /tokens HTTP/1.1" 200 52 "-" "python-requests/2.7.0 CPython/3.9.9 Darwin/20.6.0" "-"
yoda_web | [pid: 18|app: 0|req: 3/5] 172.31.0.1 () {38 vars in 554 bytes} [Sun Nov 28 08:59:17 2021] POST /tokens => generated 52 bytes in 161 msecs (HTTP/1.1 200) 7 headers in 201 bytes (1 switches on core 0)
yoda_web | Moved /data/uploads/1/0000000011 to /data/datasets/34fc4494-32d5 4f20-be49-e35a6ab1a5fd/5.dcm
yoda_web | Moved /data/uploads/2/0000000012 to /data/datasets/34fc4494-32d5 4f20-be49-e35a6ab1a5fd/4.dcm
yoda_web | Moved /data/uploads/3/0000000013 to /data/datasets/34fc4494-32d5 4f20-be49-e35a6ab1a5fd/1.dcm
yoda_web | Moved /data/uploads/4/0000000014 to /data/datasets/34fc4494-32d5 4f20-be49-e35a6ab1a5fd/3.dcm
yoda_web | Moved /data/uploads/5/0000000015 to /data/datasets/34fc4494-32d5 4f20-be49-e35a6ab1a5fd/2.dcm
yoda_web | [pid: 17|app: 0|req: 3/6] 172.31.0.1 () {40 vars in 693 bytes} [Sun Nov 28 08:59:17 2021] POST /upload => generated 163 bytes in 25 msecs (HTTP/1.1 201) 7 headers in 215 bytes (1 switches on core 0)
yoda_nginx | 172.31.0.1 - - [28/Nov/2021:08:59:17 +0000] "POST /upload HTTP/1.1" 201 163 "-" "python-requests/2.7.0 CPython/3.9.9 Darwin/20.6.0" "-"
使用 auth_request,上传失败(见下面的错误)
yoda_nginx | 192.168.0.1 - - [28/Nov/2021:08:59:48 +0000] "POST /tokens HTTP/1.1"
200 52 "-" "python-requests/2.7.0 CPython/3.9.9 Darwin/20.6.0" "-"
yoda_web | [pid: 18|app: 0|req: 1/1] 192.168.0.1 () {38 vars in 555 bytes} [Sun Nov 28 08:59:48 2021] POST /tokens => generated 52 bytes in 286 msecs (HTTP/1.1 200) 7 headers in 201 bytes (1 switches on core 0)
yoda_nginx | 2021/11/28 08:59:52 [error] 6#6: *3 upstream prematurely closed connection while reading response header from upstream, client: 192.168.0.1, server: localhost, request: "POST /upload HTTP/1.1", subrequest: "/auth", upstream: "http://192.168.0.5:8001/auth", host: "localhost:8002"
yoda_nginx | 2021/11/28 08:59:52 [error] 6#6: *3 auth request unexpected status: 502 while sending to client, client: 192.168.0.1, server: localhost, request: "POST /upload HTTP/1.1", host: "localhost:8002"
yoda_nginx | 192.168.0.1 - - [28/Nov/2021:08:59:52 +0000] "POST /upload HTTP/1.1" 500 177 "-" "python-requests/2.7.0 CPython/3.9.9 Darwin/20.6.0" "-"
如果有人能对这个问题有所了解,那就太好了。我觉得我忽略了一些简单的事情。
谢谢
网址.py:
path('auth', views.auth_nginx)
码头工人-compose.yml:
version: '3'
services:
nginx:
build: ./nginx
image: surgerymumc/yoda-nginx:latest
container_name: yoda_nginx
ports:
- "8002:8000"
volumes:
# Remove these lines in production
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/nginx.default.conf:/etc/nginx/conf.d/default.conf
###
- data:/data
depends_on:
- web
web:
build: .
image: surgerymumc/yoda-web:latest
container_name: yoda_web
environment:
- ALLOWED_HOSTS
- ROOT_DIR
- POSTGRES_HOST
- REDIS_HOST
- DEBUG
volumes:
# Remove these lines in production
- ./docker-entrypoint.sh:/docker-entrypoint.sh
- ./uwsgi.ini:/uwsgi.ini
- ./src/yoda:/src
###
- data:/data
depends_on:
- db
redis:
restart: always
image: redis:6.2.5
container_name: yoda_redis
command: bash -c "redis-server"
ports:
- "6379:6379"
rq:
image: surgerymumc/yoda-web:latest
container_name: yoda_rq
command: bash -c "export CUDA_VISIBLE_DEVICES=1 && python manage.py rqworker"
environment:
- ALLOWED_HOSTS
- ROOT_DIR
- POSTGRES_HOST
- REDIS_HOST
- DEBUG
volumes:
# Remove these lines in production
- ./src/yoda:/src
###
- data:/data
depends_on:
- db
- redis
db:
restart: always
image: postgres:10.5-alpine
container_name: yoda_postgres
volumes:
- postgres_data:/var/lib/postgresql/data
expose:
- "5432"
ports:
- "5432:5432"
volumes:
data:
driver: local
postgres_data:
driver: local
nginx.conf(仅限服务器块):
server {
listen 8000;
server_name localhost;
client_max_body_size 8000M;
client_body_buffer_size 8000M;
client_body_timeout 120;
add_header X-Clacks-Overhead "GNU Terry Pratchett";
add_header X-Clacks-Overhead "GNU Terry Pratchet";
add_header Access-Control-Allow-Origin *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,X-CustomHeader,Keep Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
location / {
include /etc/nginx/uwsgi_params.par;
uwsgi_pass yoda_web:8001;
uwsgi_max_temp_file_size 10024m;
}
location /static/ {
alias /data/static/;
}
location /upload {
auth_request /auth;
# After upload, pass altered request body to this django view
upload_pass /datasets/create;
# Store files to this directory
# The directory is hashed, subdirectories 0 1 2 3 4 5 6 7 8 9 should exist
upload_store /data/uploads 1;
upload_store_access user:rw group:rw all:rw;
# Set specified fields in request body
upload_set_form_field $upload_field_name.name "$upload_file_name";
upload_set_form_field $upload_field_name.content_type "$upload_content_type";
upload_set_form_field $upload_field_name.path "$upload_tmp_path";
# Inform backend about hash and size of a file
upload_aggregate_form_field "$upload_field_name.md5" "$upload_file_md5";
upload_aggregate_form_field "$upload_field_name.size" "$upload_file_size";
# Here is where you define additional fields to pass through to upload_complete
upload_pass_form_field "^submit$|^description$";
upload_pass_form_field "^name$";
upload_pass_form_field "^terminal$";
upload_cleanup 400-599;
}
location = /auth {
internal;
proxy_pass http://yoda_web:8001;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
#proxy_set_header Host $host;
#proxy_read_timeout 300s;
#proxy_connect_timeout 75s;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header Authorization $http_authorization;
#proxy_pass_header Authorization;
}
}
test_upload.py (pytest):
import os
import requests
def test_upload():
response = requests.post(
'http://localhost:8002/tokens',
data={'username': 'johnny', 'foobar': 'arturo4ever'})
token = response.json()['token']
files = []
test_data = 'src/yoda/tests/test_data/set1'
for f in os.listdir(test_data):
files.append(('files', open(os.path.join(test_data, f), 'rb')))
response = requests.post(
'http://localhost:8002/upload',
headers={'Authorization': 'Token {}'.format(token)}, files=files)
assert response.status_code == 201