Nginx + PHP-FPM:连接到上游时拒绝连接(502)

I know there's a ton of posts regarding 502 Bad Gateway, but I haven't been able to solve this problem. I'm using Docker Compose to create separate containers for Nginx and PHP-FPM.

Error I get loading PHP files in the browser (HTML files render fine):

tc-web     | 2018/01/22 19:22:46 [error] 5#5: *4 connect() failed (111: Connection refused) while connecting to upstream, client: 172.18.0.1, server: localhost, request: "GET /info.php HTTP/1.1", upstream: "fastcgi://172.18.0.2:9000", host: "localhost:8080"
tc-web     | 172.18.0.1 - - [22/Jan/2018:19:22:46 +0000] "GET /info.php HTTP/1.1" 502 575 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"

I've tried tweaking the various configs, using Unix socket, etc., for hours, and I still get 502 errors with PHP files. Can you spot what's wrong?

Here are all required files..

docker-composer.yml:

version: '3'
services:
  web:
    build:
      context: ./docker/nginx
    image: tc-web:0.1.0
    container_name: tc-web
    volumes:
      # test files
      - ./temp.html:/var/www/html/index.html
      - ./temp.php:/var/www/html/info.php
    ports:
      - 8080:80
    depends_on:
      - php-fpm

  php-fpm:
    build:
      context: ./docker/php-fpm
    image: tc-php:0.1.0
    container_name: tc-php
    volumes:
      - ./temp.html:/var/www/html/index.html
      - ./temp.php:/var/www/html/info.php

docker/nginx/Dockerfile:

FROM nginx:1.13.8

# Install programs
RUN apt-get update
RUN apt-get install -y nano && \
    apt-get install -y git && \
    apt-get install -y procps

RUN mkdir -p /var/www/html

COPY nginx.conf /etc/nginx/nginx.conf
COPY default.conf /etc/nginx/conf.d/default.conf

docker/nginx/nginx.conf:

user www-data;
worker_processes 1;

# error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;

    include /etc/nginx/conf.d/default.conf;
}

docker/nginx/default.conf:

server {
    listen       80;
    server_name  localhost;
    root   /var/www/html;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~* \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass php-fpm:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

docker/php-fpm/Dockerfile:

FROM php:7.0-fpm

# Install programs
RUN apt-get update
RUN apt-get install -y nano && \
    apt-get install -y procps

RUN mkdir -p /var/www/html

COPY php-fpm.conf /usr/local/etc/php-fpm.conf
COPY www.conf /usr/local/etc/php-fpm.d/www.conf

docker/php-fpm/php-fpm.conf:

[global]

include=etc/php-fpm.d/www.conf

docker/php-fpm/www.conf:

[global]
;daemonize = no
; if we send this to /proc/self/fd/1, it never appears
error_log = /proc/self/fd/2

[www]
user = www-data
group = www-data

listen = 127.0.0.1:9000
;listen = /var/run/php-fpm/php7-fpm.sock
;listen.owner = www-data
;listen.group = www-data
;listen.mode = 0660

access.log = /proc/self/fd/2

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

; Ensure worker stdout and stderr are sent to the main error log.
catch_workers_output = yes

1个回答



问题可能在www.conf文件中。
您正在收听127.0.0.1:9000,但这种方式不会 可在容器外部到达。</ p>

尝试绑定到0.0.0.0:9000:


nn
listen = 0.0.0.0:9000
</ 代码> </ pre>
</ div>

展开原文

原文

Problem could be in the www.conf file. You are listening to 127.0.0.1:9000 but this way from won't be reachable outside the container.

Try binding to 0.0.0.0:9000:

listen = 0.0.0.0:9000

douxun1407
douxun1407 你救了我的一天,谢谢!
2 年多之前 回复
duanna3634
duanna3634 0.0.0.0是一个特殊的地址,意思是:“收听每个网络接口”
接近 3 年之前 回复
duanlian1320
duanlian1320 那么,当我在这里指定0.0.0.0时它意味着什么? 这是您在机器需要收听来自其他机器的请求时使用的通用IP,但它没有分配特定的地址吗?
接近 3 年之前 回复
立即提问