mc cp
devrait permettre un téléchargement réussi.
comm-wche84-lt:essays rachel$ mc --debug cp /Users/rachel/Downloads/giphy.gif Rachel/hexo/stop-it.gif
mc: <DEBUG> GET /hexo/?location= HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20180720T231455Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Fri, 20 Jul 2018 23:14:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 154336C08C9A46BE
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 620.68303ms
mc: <DEBUG> GET /hexo/?delimiter=%2F&max-keys=1000&prefix=stop-it.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180720T231456Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Fri, 20 Jul 2018 23:14:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 154336C08DD18908
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 17.170555ms
mc: <DEBUG> HEAD /hexo/stop-it.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180720T231456Z
mc: <DEBUG> HTTP/1.1 404 Not Found
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Fri, 20 Jul 2018 23:14:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 154336C08F2D3BF8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 22.167836ms
mc: <DEBUG> GET /hexo/?delimiter=%2F&max-keys=1000&prefix=stop-it.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180720T231456Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Fri, 20 Jul 2018 23:14:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 154336C0907ABE20
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 26.127676ms
mc: <DEBUG> HEAD /hexo/stop-it.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180720T231456Z
mc: <DEBUG> HTTP/1.1 404 Not Found
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Fri, 20 Jul 2018 23:14:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 154336C09206FE55
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 21.589167ms
...oads/giphy.gif: 1.16 MB / 1.16 MB ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ 100.00% 1.53 MB/s 0smc: <DEBUG> PUT /hexo/stop-it.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-07-13T00:53:22Z
Content-Length: 1219402
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20180720/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/gif
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20180720T231456Z
X-Amz-Meta-Com.apple.quarantine: 0082;5b526676;Safari;
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 400 Bad Request
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Fri, 20 Jul 2018 23:15:00 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 154336C0FBF99F70
X-Xss-Protection: 1; mode=block
11d
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>There were headers present in the request which were not signed</Message><Key></Key><BucketName></BucketName><Resource>/hexo/stop-it.gif</Resource><RequestId>3L137</RequestId><HostId>3L137</HostId></Error>
0
mc: <DEBUG> Response Time: 1.792951893s
mc: <ERROR> Failed to copy `/Users/rachel/Downloads/giphy.gif`. Insufficient permissions to access this file `https://rachel.objectstore.co/hexo/stop-it.gif`
(3) cp-main.go:404 cmd.doCopySession(..) Tags: [/Users/rachel/Downloads/giphy.gif]
(2) common-methods.go:196 cmd.uploadSourceToTargetURL(..) Tags: [https://rachel.objectstore.co/hexo/stop-it.gif]
(1) common-methods.go:130 cmd.putTargetStream(..) Tags: [Rachel, https://rachel.objectstore.co/hexo/stop-it.gif]
(0) client-s3.go:656 cmd.(*s3Client).Put(..)
Release-Tag:RELEASE.2018-07-13T00-53-22Z | Commit:70dcf20d747d | Host:comm-wche84-lt.local | OS:darwin | Arch:amd64 | Lang:go1.10.2 | Mem:6.6MB/17MB | Heap:6.6MB/12MB
...oads/giphy.gif: 1.16 MB / 1.16 MB ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ 100.00% 663.50 KB/s 1s
mc cp src dst_on_minio
comm-wche84-lt:essays Rachel$ mc version
Version: 2018-07-13T00:53:22Z
Release-tag: RELEASE.2018-07-13T00-53-22Z
Commit-id: 70dcf20d747d305f73a117b4787acf46e6809d99
Darwin
@harshavardhana a mentionné qu'il aurait dû être corrigé dans #2193 mais pas de cigare.
peut-être que nginx a ajouté quelque chose de juteux aux en-têtes, puis Minio se plaint ?
@zllovesuki avez-vous un proxy Nginx entre Minio ? pouvez-vous pointer directement vers Minio et voir si cela fonctionne ?
@harshavardhana eh bien, il fonctionne sur Kubernetes, donc l'entrée est toujours là. Je ne pense pas que nginx soit le problème car les versions antérieures de mc
fonctionnent correctement avec Nginx entre l'utilisateur et Minio.
@harshavardhana eh bien, il fonctionne sur Kubernetes, donc l'entrée est toujours là. Je ne pense pas que nginx soit le problème car les versions antérieures de mc fonctionnent bien avec Nginx entre l'utilisateur et Minio.
Alors peut-être que je dois reproduire cela localement, peut-être que les récents changements dans la signature v4 sont à l'origine du problème. @zllovesuki
Toujours en panne à partir de la version actuelle sur homebrew.
Rachels-MacBook:~ rachel$ mc version
Version: 2018-09-10T23:39:12Z
Release-tag: RELEASE.2018-09-10T23-39-12Z
Commit-id: c352cadd4be2c6bed64884c78d1e8a8ac6efaf3f
Toujours en panne à partir de la version actuelle sur homebrew.
D'après ce que je peux voir, cela a à voir avec votre proxy nginx, je ne sais pas ce qu'il essaie de faire avec les en-têtes. Je n'arrive pas à le reproduire.
Toujours cassé pour moi aussi, reproductible avec Minio derrière nginx et mc
sur MacOS.
mc version
Version: 2018-09-26T00:42:43Z
Release-tag: RELEASE.2018-09-26T00-42-43Z
Commit-id: 87f7e65c4c837c8886bf2dd8800c445983b36187
Les versions précédentes de mc
fonctionnaient bien. L'interface Web de Minio fonctionne également très bien.
@zllovesuki Avez-vous trouvé une solution ?
Ma configuration nginx :
```
minio_servers en amont {
serveur 127.0.0.1:9001 ;
serveur 127.0.0.1:9002 ;
serveur 127.0.0.1:9003 ;
serveur 127.0.0.1:9004 ;
}
serveur {
nom_serveur mon.minio.serveur ;
client_max_body_size 512M ;
location / {
proxy_set_header Host $http_host;
proxy_pass http://minio_servers;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/my.minio.server/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/my.minio.server/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
J'ai trouvé le problème !
Il s'agit de l'en-tête supplémentaire qui n'est ajouté que pour les fichiers avec un attribut xattr personnalisé sur MacOS : X-Amz-Meta-Com.apple.quarantine: 0082;5bbe2ec5;Keka;
Vérifiez les attributs existants avec : xattr file.zip
Vous pouvez vous débarrasser des attributs (ici : com.apple.quarantine
) en :
xattr -d com.apple.quarantine file.zip
Après cela, le téléchargement avec mc
fonctionne très bien.
Intéressant, je vérifierai mon ordinateur plus tard.
Peut confirmer.
Rachels-MacBook:~ rachel$ xattr -d com.apple.quarantine ~/Downloads/ezgif.com-optimize.gif
Rachels-MacBook:~ rachel$ mc --debug cp ~/Downloads/ezgif.com-optimize.gif rachel/dist/hue.gif
mc: <DEBUG> GET /dist/?location= HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T010120Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 01:01:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 155D054E3C2F83F1
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 411.104274ms
mc: <DEBUG> GET /dist/?delimiter=%2F&max-keys=1000&prefix=hue.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T010121Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 01:01:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 155D054E3E630800
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 30.125179ms
mc: <DEBUG> HEAD /dist/hue.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T010121Z
mc: <DEBUG> HTTP/1.1 404 Not Found
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 01:01:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 155D054E4051BC08
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 32.376025ms
mc: <DEBUG> GET /dist/?delimiter=%2F&max-keys=1000&prefix=hue.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T010121Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 01:01:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Accept-Encoding
Vary: Origin
X-Amz-Request-Id: 155D054E424FF8C5
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 33.95394ms
mc: <DEBUG> HEAD /dist/hue.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T010121Z
mc: <DEBUG> HTTP/1.1 404 Not Found
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 01:01:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 155D054E444DEED8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 28.903296ms
...optimize.gif: 1.99 MB / 1.99 MB ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ 100.00% 3.15 MB/s 0smc: <DEBUG> PUT /dist/hue.gif HTTP/1.1
Host: rachel.objectstore.co
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-10T23:39:12Z
Content-Length: 2083206
Authorization: AWS4-HMAC-SHA256 Credential=rachel/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
Content-Type: image/gif
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T010121Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Content-Length: 0
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 01:01:22 GMT
Etag: "c0e09c3ba99d1133c8c848e29fb27430"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin
X-Amz-Request-Id: 155D054E84C7E947
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 1.088734018s
...optimize.gif: 1.99 MB / 1.99 MB ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ 100.00% 1.82 MB/s 1s
Est-ce une bonne idée pour mc
de supprimer de tels attributs ?
Est-ce une bonne idée pour
mc
de supprimer de tels attributs ?
Nous pouvons le soutenir @zllovesuki - ce doit être un bug.
on dirait que cela fonctionne bien lorsque j'utilise directement Minio
mc: <DEBUG> POST /sjm-airlines/rhel-server-7.4-x86_64-dvd.iso?uploads= HTTP/1.1
Host: localhost:9000
User-Agent: Minio (linux; amd64) minio-go/v6.0.8 mc/2018-10-11T22:45:56Z
Content-Length: 0
Authorization: AWS4-HMAC-SHA256 Credential=minio/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-user.xdg.origin.url, Signature=**REDACTED**
Content-Type: application/x-iso9660-image
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T010537Z
X-Amz-Meta-User.xdg.origin.url: https://access.cdn.redhat.com//content/origin/files/sha256/43/431a58c8c0351803a608ffa56948c5a7861876f78ccbe784724dd8c987ff7000/rhel-server-7.4-x86_64-dvd.iso?_auth_=1520282889_258e1e3f3dc397397d0dace5891c60aa
Accept-Encoding: gzip
Le problème semble venir de nginx essayant de faire quelque chose avec ces en-têtes, pouvez-vous activer MINIO_HTTP_TRACE=/dev/stdout pour voir ce que nginx envoie à Minio ?
@zllovesuki ^^
@harshavardhana stdout
va exploser si je fais TRACE sur le serveur prod. Peut-être pouvez-vous référencer la configuration de @tholu ?
@harshavardhana
stdout
va exploser si je fais TRACE sur le serveur prod. Peut-être pouvez-vous référencer la configuration de @tholu ?
@zllovesuki tu peux même écrire dans un fichier @zllovesuki ? MINIO_HTTP_TRACE=trace.log
J'ai enfin le temps de m'asseoir...
Voici le fichier de trace. minio-trace.txt
Pour référence, voici le yaml pour le test minio :
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: minio-test
namespace: objectstore
spec:
rules:
- host: test.objectstore.co
http:
paths:
- backend:
serviceName: minio-test
servicePort: 9000
path: /
tls:
- hosts:
- test.objectstore.co
secretName: objectstore-tls-gs
---
apiVersion: v1
kind: Service
metadata:
name: minio-test
namespace: objectstore
spec:
ports:
- port: 9000
protocol: TCP
targetPort: 9000
selector:
app: minio-test
sessionAffinity: None
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: minio-test
name: minio-test
namespace: objectstore
spec:
replicas: 1
selector:
matchLabels:
app: minio-test
strategy:
type: Recreate
template:
metadata:
labels:
app: minio-test
spec:
containers:
- args:
- server
- /storage
command:
- minio
env:
- name: MINIO_ACCESS_KEY
value: test
- name: MINIO_SECRET_KEY
value: testtest123
- name: MINIO_BROWSER
value: "off"
- name: _MINIO_CACHE
value: "off"
- name: MINIO_HTTP_TRACE
value: "/dev/stdout"
image: minio/minio:RELEASE.2018-07-13T00-09-07Z
imagePullPolicy: IfNotPresent
name: minio
ports:
- containerPort: 9000
protocol: TCP
volumeMounts:
- mountPath: /storage
name: storage
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: storage
emptyDir: {}
Contrôleur d'entrée de : https://github.com/kubernetes/ingress-nginx. Image en cours d'exécution quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.19.0
, avec la configuration suivante :
apiVersion: v1
data:
disable-access-log: "true"
enable-dynamic-tls-records: "true"
enable-modsecurity: "false"
enable-owasp-modsecurity-crs: "false"
enable-vts-status: "true"
error-log-level: warn
keep-alive: "60"
load-balance: ip_hash
max-worker-connections: "20480"
proxy-body-size: 2g
proxy-buffer-size: 64k
proxy-connect-timeout: "5"
proxy-read-timeout: "3600"
proxy-send-timeout: "3600"
proxy-stream-timeout: "604800"
server-name-hash-max-size: "512"
server-tokens: "false"
ssl-ciphers: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
ssl-dh-param: default/nginx-dhparam-4096
ssl-ecdh-curve: prime256v1:secp384r1:secp521r1
ssl-protocols: TLSv1 TLSv1.1 TLSv1.2
ssl-session-tickets: "false"
worker-processes: "4"
kind: ConfigMap
metadata:
name: nginx-conf
namespace: default
@zllovesuki nous avons trouvé la solution https://github.com/minio/mc/issues/2569 et en fait son problème Nginx
pour les personnes qui recherchent sur Google : définissez ignore-invalid-headers
sur false
dans votre configmap
Ce fil a été automatiquement verrouillé car il n'y a eu aucune activité récente après sa fermeture. Veuillez ouvrir un nouveau problème pour les bogues liés.
Commentaire le plus utile
pour les personnes qui recherchent sur Google : définissez
ignore-invalid-headers
surfalse
dans votre configmap