我有一个node.js(+ Express)应用程序托管在ubuntu 16.04机器上,服务于一个http web应用程序,一个nginx反向代理服务于一个https服务器(代理请求我的节点应用程序到端口8080)。当有人通过浏览器使用我的网络应用程序时,在浏览器和服务器之间来回发送几个请求后,应用程序停止响应并返回502错误的网关响应。
从我读到的关于nginx中的上游错误的内容来看,错误可能在于node.js应用程序和错误处理错误 - 服务器崩溃和重启。不幸的是,在我的节点日志中没有任何内容,日志只是在某一点“沉默”并且没有记录任何内容。所以我坦率地对如何调试问题感到茫然。我在我的节点应用程序中设置了一个错误处理程序 - 设置为中间件,最后由快递应用程序使用。
我觉得非常奇怪的另一件事是当我在Chrome中获得502坏网关(在应用程序挂起/加载2分钟后),该网站将无法加载或重新加载。但是,当我以Chrome隐身身份打开网站时,我设法打开登录页面,转到登录页面并发送带有登录详细信息的POST请求。只有在那之后应用程序挂起(并在大约2分钟后发送502坏网关)。当我使用chrome隐身时,日志会显示一些请求,最后一个通常是
GET /js/24.a34f9a13b9032f4d89b4.chunk.js HTTP/1.1然后日志再次变为静音。 (所以表示永远不会收到带登录数据的POST请求)
有人能指出我找到并解决问题的正确方向吗?请耐心等待,因为我主要是网络开发的初学者。
以下是nginx日志的错误:
2018/03/28 17:34:45 [error] 19696#19696: *2078 connect() failed (111: Connection refused) while connecting to upstream, client: 91.89.32.129, server: dashboard.hsseowayds.com, request: "GET /assets/css/font-awesome.min.css HTTP/1.1", upstream: "http://[::1]:8080/assets/css/font-awesome.min.css", host: "dashboard.hsseowayds.com", referrer: "https://dashboard.hsseowayds.com/"
2018/03/28 17:34:50 [error] 19696#19696: *2036 upstream prematurely closed connection while reading response header from upstream, client: 91.89.32.129, server: dashboard.hsseowayds.com, request: "POST /auth/login HTTP/1.1", upstream: "http://127.0.0.1:8080/auth/login", host: "dashboard.hsseowayds.com", referrer: "https://dashboard.hsseowayds.com/"
2018/03/28 17:34:50 [error] 19696#19696: *2036 no live upstreams while connecting to upstream, client: 91.89.32.129, server: dashboard.hsseowayds.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://localhost/favicon.ico", host: "dashboard.hsseowayds.com", referrer: "https://dashboard.hsseowayds.com/auth/login"
当我在服务器问题中使用chrome隐身时,我还为所有接口(包括以太网和环回)做了端口80,443和8080的tcpdump,并尝试使用wireshark来找出问题所在,但是没有成功。 (我还使用wireshark来捕获我的计算机和服务器之间的流量,这对我没有任何帮助)。我使用的tcpdump命令是:
sudo tcpdump -l -w tcpdump_any_fail_1832.pcap -tttt -i any -s0 port 80 or port 443 or port 8080
如果有人想看看,这里是wireshark的截图和.pcap文件,我可以私下发送给你(我更改了里面的登录数据),因为我不认为我可以在这里附上它:
wireshark screenshot
这是来自sites-availables的我的nginx文件:
server {
listen 80;
server_name dashboard.hsseowayds.com dashboard.hsseowayds.com;
return 301 https://dashboard.hsseowayds.com$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name dashboard.hsseowayds.com;
ssl on;
ssl_certificate /etc/nginx/ssl/dashboard.hsseowayds.com/rapidSSL.crt;
ssl_certificate_key /etc/nginx/ssl/dashboard.hsseowayds.com/ssl_private_key.pem;
ssl_session_timeout 180m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:20m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
underscores_in_headers on;
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection '';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 160s;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
}