AWS - 未通过HTTPS连接的WebSockets

时间:2018-05-27 23:57:59

标签: amazon-web-services websocket amazon-elastic-beanstalk aws-load-balancer daphne

我在aws弹性beanstalk上部署了django web应用程序 我也在部分使用websockets ,我已经安装了应用程序负载均衡器,它应该默认支持websockets

https://aws.amazon.com/elasticloadbalancing/details/

但是在建立连接时(仅在HTTPS中)我会收到此

  

在建立连接之前关闭WebSocket

HTTP没有问题,它可以正常工作

这是loadbalancer config

enter image description here enter image description here

这是我在js中连接的方式

const ws_path = 'wss://<IPv4 Public IP>:5000';
const websocket = new ReconnectingWebSocket(ws_path,
    null, {maxReconnectAttempts: 5, timeoutInterval: 5000});
  • PORT 5000是daphne运行我的django应用程序的地方

和我的apache配置

files:   "/opt/elasticbeanstalk/hooks/appdeploy/post/run_supervised_daemon.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/usr/bin/env bash

      # Get django environment variables
      djangoenv=`cat /opt/python/current/env | tr '\n' ',' | sed 's/%/%%/g' | sed 's/export //g' | sed 's/$PATH/%(ENV_PATH)s/g' | sed 's/$PYTHONPATH//g' | sed 's/$LD_LIBRARY_PATH//g'`
      djangoenv=${djangoenv%?}

      # Create daemon configuraiton script
      daemonconf="[program:daphne]
      ; Set full path to channels program if using virtualenv
      command=/opt/python/run/venv/bin/daphne -b 0.0.0.0 -p 5000 _myapp.asgi:channel_layer
      directory=/opt/python/current/app
      user=ec2-user
      numprocs=1
      stdout_logfile=/var/log/stdout_daphne.log
      stderr_logfile=/var/log/stderr_daphne.log
      autostart=true
      autorestart=true
      startsecs=10

      ; Need to wait for currently executing tasks to finish at shutdown.
      ; Increase this if you have very long running tasks.
      stopwaitsecs = 600

      ; When resorting to send SIGKILL to the program to terminate it
      ; send SIGKILL to its whole process group instead,
      ; taking care of its children as well.
      killasgroup=true

      ; if rabbitmq is supervised, set its priority higher
      ; so it starts first
      priority=998

      environment=$djangoenv

      [program:worker]
      ; Set full path to program if using virtualenv
      command=/opt/python/run/venv/bin/python manage.py runworker
      directory=/opt/python/current/app
      user=ec2-user
      numprocs=1
      stdout_logfile=/var/log/stdout_worker.log
      stderr_logfile=/var/log/stderr_worker.log
      autostart=true
      autorestart=true
      startsecs=10

      ; Need to wait for currently executing tasks to finish at shutdown.
      ; Increase this if you have very long running tasks.
      stopwaitsecs = 600

      ; When resorting to send SIGKILL to the program to terminate it
      ; send SIGKILL to its whole process group instead,
      ; taking care of its children as well.
      killasgroup=true

      ; if rabbitmq is supervised, set its priority higher
      ; so it starts first
      priority=998

      environment=$djangoenv"

      # Create the supervisord conf script
      echo "$daemonconf" | sudo tee /opt/python/etc/daemon.conf

      # Add configuration script to supervisord conf (if not there already)
      if ! grep -Fxq "[include]" /opt/python/etc/supervisord.conf
          then
          echo "[include]" | sudo tee -a /opt/python/etc/supervisord.conf
          echo "files: daemon.conf" | sudo tee -a /opt/python/etc/supervisord.conf
      fi

      # Reread the supervisord config
      sudo /usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf reread

      # Update supervisord in cache without restarting all services
      sudo /usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf update

      # Start/Restart processes through supervisord
      sudo /usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf restart daphne
      sudo /usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf restart worker

和ssl_config

files:
    "/etc/httpd/conf.d/ssl_rewrite.conf":
        mode: "000644"
        owner: root
        group: root
        content: |
            RewriteEngine On
            ProxyRequests Off
            RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
            RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]

            <If "-n '%{HTTP:X-Forwarded-Proto}' && %{HTTP:X-Forwarded-Proto} != 'https'">
            RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
            </If>

0 个答案:

没有答案