如何解决特使代理后面的 omnidb
我正在尝试在 omnidb 后面设置一个 envoy proxy 服务器
它在 Nginx 上运行良好,但由于某种原因我不得不改为特使......
我使用的是 omnidb v2.17
问题在于正在使用的 websocket omnidb。我可以很好地连接到 omnidb,我可以登录,但是当我运行 SQL 查询时,出现以下错误:
无法通过端口 443(外部)和 26000(内部)连接到 websocket 服务器
当我在浏览器中检查时,我在控制台中看到以下错误:WebSocket connection to 'wss://my-domain.com/wss' failed: Error during WebSocket handshake: Unexpected response code: 404
几秒钟后,我在控制台中出现此错误:WebSocket connection to 'wss://my-domain.com:26000/wss' failed: Error in connection establishment: net::ERR_CONNECTION_TIMED_OUT
编辑:在特使日志中我有这个:[2021-02-16T18:52:19.016Z] "GET /wss HTTP/1.1" 404 - 0 77 63 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_0) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/88.0.4324.150 Safari/537.36" "0d9be0f1-9517-43e0-8a66-355804dd23c7" "my-domain.com" "10.0.0.1:8080"
所以它似乎尝试转发到“10.0.0.1:8080”而不是端口 26000。是不是前缀“/”在“/wss”之前匹配所以一切都转到端口 8080?
这是我的 envoy.yaml 文件:
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 443
filter_chains:
- filter_chain_match:
server_names:
- my-domain.com
filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http_and_wss
upgrade_configs:
- upgrade_type: websocket
access_log:
- name: envoy.access_loggers.file
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
path: /dev/stdout
http_filters:
- name: envoy.filters.http.router
route_config:
name: omnidb
virtual_hosts:
- name: local_service
domains:
- "*"
routes:
- match:
prefix: "/wss/"
route:
prefix_rewrite: "/"
cluster: omnidb_ws
- match:
prefix: "/ws/"
route:
prefix_rewrite: "/"
cluster: omnidb_ws
- match:
prefix: "/"
route:
cluster: omnidb
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
common_tls_context:
tls_certificates:
certificate_chain:
filename: /etc/letsencrypt/live/my-domain.com/cert.pem
private_key:
filename: /etc/letsencrypt/live/my-domain.com/privkey.pem
clusters:
- name: omnidb
connect_timeout: 30s
dns_lookup_family: V4_ONLY
load_assignment:
cluster_name: omnidb
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 10.0.0.1
port_value: 8080
- name: omnidb_ws
connect_timeout: 0.25s
dns_lookup_family: V4_ONLY
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
load_assignment:
cluster_name: omnidb_ws
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 10.0.0.1
port_value: 26000
PS:我无法创建标签 omnidb,所以我用 SQL 代替,如果有标签 omnidb 就好了
解决方法
经过上面的编辑以将 / 路由作为最后一个,否则它将匹配所有内容,现在您需要修复发送请求的方式或如何处理两条路由的尾随斜杠。
这里的主要观点:
- 您有
/wss/和/ws/的路由匹配,两者都带有斜杠 - 您使用
/wss发送请求,NO 尾部斜杠。 - 此请求与前两条路由都不匹配,因此它再次到达
/路由。
您可以使用 /wss/ (注意尾部斜杠) 发送您的请求,或者您可以添加/修改您的路线。这可以通过多种方式完成,最简单的可能是仅匹配 /wss 和 /ws。 虽然如果尾部斜杠对最终应用程序很重要(它可以在 UI 中),您可以将 /wss 重定向到 /wss/
我测试了这只是对您的配置稍作修改。忽略过滤器链中的变化,唯一重要的是路由。
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 8443
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http_and_wss
access_log:
- name: envoy.access_loggers.file
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
path: /dev/stdout
http_filters:
- name: envoy.filters.http.router
route_config:
name: omnidb
virtual_hosts:
- name: local_service
domains:
- "*"
routes:
- match:
prefix: "/wss"
route:
prefix_rewrite: "/"
cluster: omnidb_ws
- match:
prefix: "/ws"
route:
prefix_rewrite: "/"
cluster: omnidb_ws
- match:
prefix: "/"
route:
cluster: omnidb
clusters:
- name: omnidb
connect_timeout: 30s
dns_lookup_family: V4_ONLY
load_assignment:
cluster_name: omnidb
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 10.0.0.1
port_value: 8080
- name: omnidb_ws
connect_timeout: 0.25s
dns_lookup_family: V4_ONLY
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
load_assignment:
cluster_name: omnidb_ws
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 10.0.0.1
port_value: 26000
然后 curl localhost:8443/wss 或 curl localhost:8443/wss/ 显示他们到达了您的 26000 地址。
[2021-02-22T15:57:22.818Z] "GET /wss/ HTTP/1.1" 503 UF 0 91 3 - "-" "curl/7.68.0" "806c2c28-4ab4-4069-acf1-15b75405d390" "localhost:8443" "10.0.0.1:26000"
[2021-02-22T15:57:27.287Z] "GET /wss HTTP/1.1" 503 UF 0 91 3 - "-" "curl/7.68.0" "55d32a64-c9f7-46cc-8f5e-4a024c0de00d" "localhost:8443" "10.0.0.1:26000"
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。