Estoy ejecutando 3 servidores minio (Debian 9, con el binario) en máquinas dedicadas en modo distribuido. En una máquina separada, estoy ejecutando nginx ( nginx version: nginx/1.15.5 ) como proxy, como se describe en la documentación oficial.
MC funciona localmente en la máquina que ejecuta nginx, pero tan pronto como lo ejecuto en una máquina remota, no funciona. No puedo copiar, curar o hacer cualquier otra cosa. Otros clientes como s3cmd, el navegador web Minio, Transmit, ... funcionan de maravilla. Solo el cliente MC no es capaz de transferir archivos, etc.
versión mc
Versión: 2018-09-26T00:42:43Z
Etiqueta de publicación: RELEASE.2018-09-26T00-42-43Z
Confirmar-id: 87f7e65c4c837c8886bf2dd8800c445983b36187
Información del sistema
Aquí está la salida de la información de administración de mc
➜ mc admin info minio --debug
mc: <DEBUG> GET /minio/admin/v1/info HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) madmin-go/0.0.1 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T103300Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/json
Date: Sat, 13 Oct 2018 10:33:00 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D248043802835
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 647.517578ms
● 192.168.100.11:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 2.6MiB, Outgoing 47KiB
Storage : Used 496MiB
Disks : 6, 0
● 192.168.100.10:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 5.3MiB, Outgoing 102KiB
Storage : Used 496MiB
Disks : 6, 0
● 192.168.100.12:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 60KiB, Outgoing 42KiB
Storage : Used 496MiB
Disks : 6, 0
Aquí está el registro de acceso de nginx para un comando mc cp
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET /tests/?location= HTTP/1.1" 200 139 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:36 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:37 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:38 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:45 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:48 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:50 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:04 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:13 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:18 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
Aquí está el registro de errores de nginx para ese comando
2018/10/13 12:43:48 [error] 16018#16018: *409 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:43:50 [error] 16018#16018: *411 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:04 [error] 16018#16018: *413 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:13 [error] 16018#16018: *415 recv() failed (104: Connection reset by peer) while reading upstream, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:18 [error] 16018#16018: *417 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
Aquí está el archivo /etc/nginx/nginx.conf
user nginx;
worker_processes 8;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
server_tokens off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!DES';
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
gzip on;
gzip_disable "msie6";
gzip_comp_level 9;
gzip_types text/plain text/css application/javascript text/csv application/xml application/json application/vnd.ms-excel;
include /etc/nginx/sites-enabled/*.conf;
}
Aquí está la configuración para el sitio.
upstream minio_servers {
server 192.168.100.10:9000;
server 192.168.100.11:9000;
server 192.168.100.12:9000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name **redacted-domain**;
ssl_certificate /etc/letsencrypt/live/**redacted-domain**/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/**redacted-domain**/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1;
client_max_body_size 1000m;
client_body_buffer_size 1000M;
location / {
proxy_set_header Host $http_host;
proxy_pass http://minio_servers;
proxy_buffering off;
}
}
Aquí está el registro de mc cp
➜ mc cp Scannable-Dokument.jpg minio/tests --debug > minio.log
mc: <DEBUG> GET /tests/?location= HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104333Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513B9130E6B
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 703.140014ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C091F556
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 123.206481ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C7E90B6B
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 117.662247ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513CEFB2FD8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 122.064239ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513D646E2A5
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 117.517384ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513DD5815F9
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 120.675639ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:35 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513E48F76D8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 118.697509ms
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104336Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104337Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104344Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104347Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104349Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104403Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104412Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104417Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <ERROR> Failed to copy `Scannable-Dokument.jpg`. Put https://**redacted-domain**/tests/Scannable-Dokument.jpg: Connection closed by foreign host https://**redacted-domain**/tests/Scannable-Dokument.jpg. Retry again.
(3) cp-main.go:414 cmd.doCopySession(..) Tags: [Scannable-Dokument.jpg]
(2) common-methods.go:196 cmd.uploadSourceToTargetURL(..) Tags: [https://**redacted-domain**/tests/Scannable-Dokument.jpg]
(1) common-methods.go:130 cmd.putTargetStream(..) Tags: [minio, https://**redacted-domain**/tests/Scannable-Dokument.jpg]
(0) client-s3.go:684 cmd.(*s3Client).Put(..)
Release-Tag:RELEASE.2018-09-26T00-42-43Z | Commit:87f7e65c4c83 | Host:Philips-MacBook-Pro.local | OS:darwin | Arch:amd64 | Lang:go1.10.2 | Mem:5.1MB/14MB | Heap:5.1MB/9.6MB
mc: <ERROR> Session safely terminated. To resume session `mc session resume rDXVeuhO`
¡Gracias!
philipkozeny
Todos 9 comentarios
¿Puede eliminar xattr -d com.apple.quarantine del archivo e intentarlo de nuevo?
harshavardhana
en 13 oct. 2018
👍1
Buena captura, eso es todo, ¡gracias! Parece que todos los archivos/carpetas que he probado tienen ese atributo de alguna manera. ¿Algún cambio en Mojave que podría haber provocado eso o simplemente mala suerte? Creo que sería genial si la carga no arrojara un error cuando un archivo tiene ese atributo y completara la carga. ¿Qué piensas?
philipkozeny
en 13 oct. 2018
Buena captura, eso es todo, ¡gracias! Parece que todos los archivos/carpetas que he probado tienen ese atributo de alguna manera. ¿Algún cambio en Mojave que podría haber provocado eso o simplemente mala suerte? Creo que sería genial si la carga no arrojara un error cuando un archivo tiene ese atributo y completara la carga. ¿Qué piensas?
Nginx está filtrando estos encabezados HTTP, tiene que averiguar por qué nginx está eliminando este encabezado.
harshavardhana
en 14 oct. 2018
Apple agregó el atributo de cuarentena hace algún tiempo (2007'ish según esto: https://developer.apple.com/library/archive/releasenotes/Carbon/RN-LaunchServices/index.html). Parece querer hacer esto con cualquier archivo descargado, si revisa su carpeta de descargas predeterminada, debería ver ese atributo establecido en bastantes archivos. De forma predeterminada, nginx elimina lo que considera caracteres no válidos (incluido "."). Entonces, cuando el attr com.apple.quarantine se envía como encabezado, nginx lo elimina de forma predeterminada: https://trac.nginx.org/nginx/ticket/629. Entonces, puedes agregar ignore_invalid_headers off; , algo como:
server {
listen 80;
server_name ebox;
ignore_invalid_headers off;
location / {
proxy_set_header Host $http_host;
proxy_pass http://hbox:9000;
client_max_body_size 1000m;
}
}
Aparte, esto también afectaría a cualquier atributo configurado manualmente a través de, por ejemplo setfattr (ya que requiere anteponer user. al atributo).
Deberíamos agregar esta configuración a la documentación.
eco-minio
en 18 oct. 2018
👍2
Este es un problema de Nginx, ya que no son totalmente compatibles con RFC en este escenario cuando se envían solicitudes de proxy. Con la opción anterior desactivada según lo sugerido por @eco-minio, ahora podemos usar Nginx correctamente.
También actualizaremos esto en nuestra documentación.
harshavardhana
en 18 oct. 2018
Como referencia, establezca ignore-invalid-headers en false si está utilizando el controlador de entrada nginx de Kubernetes (tal vez agregue eso también en la documentación).
zllovesuki
en 18 oct. 2018
👍1
@eco-minio Simplemente odio a quien haya respondido en el ticket nginx original: "Si estos encabezados coinciden o no con una gramática de un RFC en particular, es en su mayoría irrelevante". Bueno, no nos gusta la gramática RFC, así que lo haremos a NUESTRA manera. Entonces, ¿por qué tenemos estándares y/o RFC?
¿Caddy o Traefik sufren el mismo problema?
zllovesuki
en 22 oct. 2018
👍1
¿Caddy o Traefik sufren el mismo problema?
Ellos no @zllovesuki
harshavardhana
en 22 oct. 2018
Este hilo se ha bloqueado automáticamente ya que no ha habido ninguna actividad reciente después de que se cerró. Abra un nuevo problema para los errores relacionados.
![lock[bot] picture](https://avatars.githubusercontent.com/in/6672?v=4&s=40)
lock[bot]
en 25 abr. 2020
¿Fue útil esta página
0 / 5 - 0 calificaciones
Temas relacionados
nikwen
·
15Comentarios
silvernode
·
8Comentarios
TJC
·
10Comentarios
lavvy
·
15Comentarios
teto
·
7Comentarios
Comentario más útil
Apple agregó el atributo de cuarentena hace algún tiempo (2007'ish según esto: https://developer.apple.com/library/archive/releasenotes/Carbon/RN-LaunchServices/index.html). Parece querer hacer esto con cualquier archivo descargado, si revisa su carpeta de descargas predeterminada, debería ver ese atributo establecido en bastantes archivos. De forma predeterminada, nginx elimina lo que considera caracteres no válidos (incluido "."). Entonces, cuando el attr com.apple.quarantine se envía como encabezado, nginx lo elimina de forma predeterminada: https://trac.nginx.org/nginx/ticket/629. Entonces, puedes agregar
ignore_invalid_headers off;, algo como:Aparte, esto también afectaría a cualquier atributo configurado manualmente a través de, por ejemplo
setfattr(ya que requiere anteponeruser.al atributo).Deberíamos agregar esta configuración a la documentación.