在Docker容器上的应用程序之间拒绝curl连接
我有一个网站(ZF1)和运行在同一个Docker(Laradock)容器上的API(Laravel)。 我可以通过浏览器分别访问,但是当我从网站向应用程序发出cURL请求时,我得到一个空的响应,并且头返回0.如果我输出cURL错误,那么我得到这个:
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, '[API_ENDPOINT]'); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_close ($ch); echo curl_strerror(curl_errno($ch)); (7) Failed to connect to [API_HOST] port 80: Connection refused 但是,如果我从应用程序向https://www.google.com发出cURL请求,则会返回结果。 我也尝试使用file_get_contents(),但我没有收到任何回应,并提出以下警告:
[Thu May 18 21:41:33.828737 2017] [proxy_fcgi:error] [pid 949:tid 139999802541824] [client 172.20.0.1:49652] AH01071: Got error 'PHP message: PHP Warning: file_get_contents ([API_ENDPOINT]): failed to open stream: Connection refused in /var/www/projects/[APPLICATION_PATH]/[CONTROLLER].php on line 2367\n', referer: [WEBSITE_HOST]/[URI]
我也SSH进入Apache2容器,并能够成功地调用API_ENDPOINT cURL并获得预期的数据。 然后我尝试使用wget获取标题信息,并收到以下内容:
root@cd3a4177dcfa:/var/log/apache2# wget --header="Host: http://subdomain.example.dev/api/calendarevents" -Os http://localhost --2017-05-19 07:28:15-- http://localhost/ Resolving localhost (localhost)... ::1, 127.0.0.1 Connecting to localhost (localhost)|::1|:80... connected. HTTP request sent, awaiting response... No data received. Retrying. --2017-05-19 07:28:16-- (try: 2) http://localhost/ Connecting to localhost (localhost)|::1|:80... connected. HTTP request sent, awaiting response... No data received. Retrying.
如果这是一个Apache2问题,这里是我的API VirtualHost:
Listen 80 <VirtualHost *:80> ServerName subdomain.example.dev DocumentRoot /var/www/projects/[API_PROJECT]/public/ CustomLog /var/log/apache2/[API_HOST]-access.log combined ErrorLog /var/log/apache2/[API_HOST]-error.log Options Indexes FollowSymLinks <Directory "/var/www/projects/[API_PROJECT]/public/"> Options FollowSymLinks AllowOverride All Require all Granted </Directory> # set environment #SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled #CGIPassAuth on // Sites stopped loading when enabled </VirtualHost>
和网站VirtualHost:
Listen 80 <VirtualHost *:80> ServerName [WEBSITE_HOST] DocumentRoot /var/www/projects/[WEBSITE_PROJECT] ErrorLog /var/log/apache2/[WEBSITE_HOST]-error.log Options Indexes FollowSymLinks <Directory "/var/www/projects/[WEBSITE_PROJECT]/repo"> Options FollowSymLinks AllowOverride All Require all Granted </Directory> # set environment SetEnv APPLICATION_ENV development SetEnv APPLICATION_LOGGING false #SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled #CGIPassAuth on // Sites stopped loading when enabled </VirtualHost>
这是Docker信息(Windows 10 / Hyper V / Docker版本17.03.1-ce-win12(12058)Channel:stable)
Containers: 9 Running: 5 Paused: 0 Stopped: 4 Images: 233 Server Version: 17.03.1-ce Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe init version: 949e6fa Security Options: seccomp Profile: default Kernel Version: 4.9.27-moby Operating System: Alpine Linux v3.5 OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 3.837 GiB Name: moby ID: PE42:IS45:4OO6:JMEQ:NWNB:NQDF:RPEL:JPHJ:L6OP:A5SL:IDP3:F7SV Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): true File Descriptors: 86 Goroutines: 74 System Time: 2017-05-19T04:52:50.5943959Z EventsListeners: 0 Registry: https://index.docker.io/v1/ Experimental: true Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false
这些是我目前正在运行的容器:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cd3a4177dcfa laradock_apache2 "/opt/docker/bin/e..." 8 hours ago Up 8 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp laradock_apache2_1 8ef66cb80a2e laradock_php-fpm "docker-php-entryp..." 8 hours ago Up 8 hours 9000/tcp laradock_php-fpm_1 988eff458036 laradock_workspace "/sbin/my_init" 8 hours ago Up 8 hours 0.0.0.0:2222->22/tcp laradock_workspace_1 8be5253e8622 laradock_redis "docker-entrypoint..." 8 hours ago Up 8 hours 0.0.0.0:6379->6379/tcp laradock_redis_1 aa6d8d6ae950 laradock_mysql "docker-entrypoint..." 8 hours ago Up 8 hours 0.0.0.0:3306->3306/tcp laradock_mysql_1
我不确定在同一个容器上两个站点之间的连接被拒绝是什么原因。 我检查了我的php.ini,curl和allow_url_fopen = on都被启用了。 我可以通过浏览器和CLI cURL直接访问API_ENDPOINT,并获得预期的结果。 在这一点上,我最好的猜测是某种端口冲突,授权头阻塞,Apache2configuration,或某种奇怪的Docker / Laradock问题。 我也认为这可能是Apache2和PHP-FPM之间的冲突,但是这里详述的解决scheme似乎不适用于我。
提前感谢您提供的任何帮助。
我想清楚是什么导致了我的问题 。 我需要添加一个额外的主机到我的docker-compose.yml文件的PHP-FPM部分。 所以加上:
- "subdomain.example.app:10.0.75.1"
给额外的主人。 那么你需要重build你的容器:
docker-compose up -d --build apache2 mysql redis
这就是你的docker-compose.yml for Laradock的PHP-FPM部分应该是这样的:
php-fpm: build: context: ./php-fpm args: - INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG} - INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE} - INSTALL_SOAP=${PHP_FPM_INSTALL_SOAP} - INSTALL_MONGO=${PHP_FPM_INSTALL_MONGO} - INSTALL_ZIP_ARCHIVE=${PHP_FPM_INSTALL_ZIP_ARCHIVE} - INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH} - INSTALL_PHPREDIS=${PHP_FPM_INSTALL_PHPREDIS} - INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED} - INSTALL_OPCACHE=${PHP_FPM_INSTALL_OPCACHE} - INSTALL_EXIF=${PHP_FPM_INSTALL_EXIF} - INSTALL_AEROSPIKE_EXTENSION=${PHP_FPM_INSTALL_AEROSPIKE_EXTENSION} - INSTALL_MYSQLI=true - INSTALL_TOKENIZER=${PHP_FPM_INSTALL_TOKENIZER} - INSTALL_INTL=${PHP_FPM_INSTALL_INTL} - INSTALL_GHOSTSCRIPT=${PHP_FPM_INSTALL_GHOSTSCRIPT} dockerfile: "Dockerfile-${PHP_VERSION}" volumes_from: - applications volumes: - ./php-fpm/php${PHP_VERSION}.ini:/usr/local/etc/php/php.ini expose: - "9000" depends_on: - workspace extra_hosts: - "dockerhost:${DOCKER_HOST_IP}" - "subdomain.example.app:10.0.75.1" environment: - PHP_IDE_CONFIG=${PHP_IDE_CONFIG} networks: - backend