<p>mc는 nginx 프록시에서 작동하지 않습니다</p>

에 만든 2018년 10월 13일 · 9코멘트 · 출처: minio/mc

저는 분산 모드의 전용 머신에서 3개의 미니오 서버(Debian 9, 바이너리 포함)를 실행하고 있습니다. 공식 문서에 설명된 대로 별도의 컴퓨터에서 nginx( nginx version: nginx/1.15.5 )를 프록시로 실행하고 있습니다.

MC는 nginx를 실행하는 시스템에서 로컬로 작동하지만 원격 시스템에서 실행하는 즉시 작동하지 않습니다. 나는 복사하거나 치유하거나 다른 것을 할 수 없습니다. s3cmd, Minio Web Browser, Transmit과 같은 다른 클라이언트는 매력처럼 작동합니다. MC 클라이언트만 파일 등을 전송할 수 없습니다.

MC 버전

버전: 2018-09-26T00:42:43Z
릴리스 태그: RELEASE.2018-09-26T00-42-43Z
커밋 ID: 87f7e65c4c837c8886bf2dd8800c445983b36187

시스템 정보

다음은 mc admin info의 출력입니다.

➜ mc admin info minio --debug
mc: <DEBUG> GET /minio/admin/v1/info HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) madmin-go/0.0.1 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T103300Z
Accept-Encoding: gzip

mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/json
Date: Sat, 13 Oct 2018 10:33:00 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D248043802835
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  647.517578ms

●  192.168.100.11:9000
   Uptime : online since 1 day ago
  Version : 2018-10-06T00:15:16Z
   Region :
 SQS ARNs : <none>
    Stats : Incoming 2.6MiB, Outgoing 47KiB
  Storage : Used 496MiB
    Disks : 6, 0


●  192.168.100.10:9000
   Uptime : online since 1 day ago
  Version : 2018-10-06T00:15:16Z
   Region :
 SQS ARNs : <none>
    Stats : Incoming 5.3MiB, Outgoing 102KiB
  Storage : Used 496MiB
    Disks : 6, 0


●  192.168.100.12:9000
   Uptime : online since 1 day ago
  Version : 2018-10-06T00:15:16Z
   Region :
 SQS ARNs : <none>
    Stats : Incoming 60KiB, Outgoing 42KiB
  Storage : Used 496MiB
    Disks : 6, 0

다음은 mc cp 명령에 대한 nginx 액세스 로그입니다.

**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET /tests/?location= HTTP/1.1" 200 139 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:36 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:37 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:38 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:45 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:48 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:50 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:04 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:13 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:18 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"

다음은 해당 명령에 대한 nginx 오류 로그입니다.

2018/10/13 12:43:48 [error] 16018#16018: *409 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:43:50 [error] 16018#16018: *411 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:04 [error] 16018#16018: *413 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:13 [error] 16018#16018: *415 recv() failed (104: Connection reset by peer) while reading upstream, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:18 [error] 16018#16018: *417 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"

다음은 /etc/nginx/nginx.conf 파일입니다.

user  nginx;
worker_processes  8;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;

    keepalive_timeout  65;

    server_tokens off;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!DES';
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;

    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    gzip on;
    gzip_disable "msie6";

    gzip_comp_level 9;
    gzip_types text/plain text/css application/javascript text/csv application/xml application/json application/vnd.ms-excel;

    include /etc/nginx/sites-enabled/*.conf;
}

다음은 사이트 구성입니다.

upstream minio_servers {
    server 192.168.100.10:9000;
    server 192.168.100.11:9000;
    server 192.168.100.12:9000;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name **redacted-domain**;

    ssl_certificate /etc/letsencrypt/live/**redacted-domain**/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/**redacted-domain**/privkey.pem;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;

    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';

    ssl_prefer_server_ciphers on;

    add_header Strict-Transport-Security max-age=15768000;

    ssl_stapling on;
    ssl_stapling_verify on;

    resolver 1.1.1.1;

    client_max_body_size 1000m;
    client_body_buffer_size 1000M;

    location / {
        proxy_set_header Host $http_host;
        proxy_pass http://minio_servers;
        proxy_buffering off;
    }
}

다음은 mc cp의 로그입니다.

➜  mc cp Scannable-Dokument.jpg minio/tests --debug > minio.log
mc: <DEBUG> GET /tests/?location= HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104333Z
Accept-Encoding: gzip

mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513B9130E6B
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  703.140014ms

mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z

mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C091F556
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  123.206481ms

mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip

mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C7E90B6B
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  117.662247ms

mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z

mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513CEFB2FD8
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  122.064239ms

mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip

mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513D646E2A5
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  117.517384ms

mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z

mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513DD5815F9
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  120.675639ms

mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip

mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:35 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513E48F76D8
X-Xss-Protection: 1; mode=block

mc: <DEBUG> Response Time:  118.697509ms

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104336Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104337Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104344Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104347Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104349Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104403Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104412Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104417Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip

mc: <ERROR> Failed to copy `Scannable-Dokument.jpg`. Put https://**redacted-domain**/tests/Scannable-Dokument.jpg: Connection closed by foreign host https://**redacted-domain**/tests/Scannable-Dokument.jpg. Retry again.
 (3) cp-main.go:414 cmd.doCopySession(..) Tags: [Scannable-Dokument.jpg]
 (2) common-methods.go:196 cmd.uploadSourceToTargetURL(..) Tags: [https://**redacted-domain**/tests/Scannable-Dokument.jpg]
 (1) common-methods.go:130 cmd.putTargetStream(..) Tags: [minio, https://**redacted-domain**/tests/Scannable-Dokument.jpg]
 (0) client-s3.go:684 cmd.(*s3Client).Put(..)
 Release-Tag:RELEASE.2018-09-26T00-42-43Z | Commit:87f7e65c4c83 | Host:Philips-MacBook-Pro.local | OS:darwin | Arch:amd64 | Lang:go1.10.2 | Mem:5.1MB/14MB | Heap:5.1MB/9.6MB
mc: <ERROR> Session safely terminated. To resume session `mc session resume rDXVeuhO`

감사 해요!

fixed medium

출처

philipkozeny

가장 유용한 댓글

검역 속성을 추가하는 Apple은 언젠가 다시 추가되었습니다(2007'에 따라 - https://developer.apple.com/library/archive/releasenotes/Carbon/RN-LaunchServices/index.html). 다운로드한 모든 파일에 이 작업을 수행하려는 것 같습니다. 기본 다운로드 폴더를 확인하면 해당 속성이 꽤 많은 파일에 설정되어 있는 것을 볼 수 있습니다. 기본적으로 nginx는 유효하지 않은 문자("." 포함)로 간주되는 것을 제거합니다. 따라서 com.apple.quarantine 속성이 헤더로 전송되면 기본적으로 nginx가 이를 제거합니다( https://trac.nginx.org/nginx/ticket/629). 따라서 다음과 같이 ignore_invalid_headers off; 를 추가할 수 있습니다.

server {
 listen 80;
 server_name ebox;
 ignore_invalid_headers off;
 location / {
   proxy_set_header Host $http_host;
   proxy_pass http://hbox:9000;
   client_max_body_size 1000m;
 }
}

제쳐두고, 이것은 setfattr 를 통해 수동으로 설정된 모든 속성에도 영향을 미칩니다(속성 앞에 user. 를 추가해야 하기 때문에).
이 구성을 문서에 추가해야 합니다.

eco-minio 에 2018년 10월 18일

👍2

모든 9 댓글

파일에서 xattr -d com.apple.quarantine 을 제거하고 다시 시도할 수 있습니까?

harshavardhana 에 2018년 10월 13일

👍1

좋은 캐치, 그게 다야 - 고마워! 내가 테스트한 모든 파일/폴더에는 어떻게든 그 속성이 있는 것 같습니다. Mojave의 변경 사항이 그 원인이나 불운을 촉발할 수 있었습니까? 파일에 해당 속성이 있을 때 업로드 오류가 발생하지 않고 업로드가 완료되면 좋을 것 같아요. 어떻게 생각해?

philipkozeny 에 2018년 10월 13일

좋은 캐치, 그게 다야 - 고마워! 내가 테스트한 모든 파일/폴더에는 어떻게든 그 속성이 있는 것 같습니다. Mojave의 변경 사항이 그 원인이나 불운을 촉발할 수 있었습니까? 파일에 해당 속성이 있을 때 업로드 오류가 발생하지 않고 업로드가 완료되면 좋을 것 같아요. 어떻게 생각해?

이러한 HTTP 헤더를 필터링하는 것은 nginx이며, nginx가 이 헤더를 제거하는 이유를 파악해야 합니다.

harshavardhana 에 2018년 10월 14일

server {
 listen 80;
 server_name ebox;
 ignore_invalid_headers off;
 location / {
   proxy_set_header Host $http_host;
   proxy_pass http://hbox:9000;
   client_max_body_size 1000m;
 }
}

eco-minio 에 2018년 10월 18일

👍2

이것은 요청을 프록시할 때 이 시나리오에서 RFC를 완전히 준수하지 않기 때문에 Nginx 문제입니다. @eco-minio가 제안한 대로 위의 옵션을 끄면 이제 Nginx를 제대로 사용할 수 있습니다.

문서에서도 이를 업데이트할 것입니다.

harshavardhana 에 2018년 10월 18일

참고로 Kubernetes nginx 수신 컨트롤러를 사용하는 경우 ignore-invalid-headers 를 false 로 설정합니다(문서에도 추가할 수 있음).

zllovesuki 에 2018년 10월 18일

👍1

@eco-minio 원래 nginx 티켓에 응답한 사람이 싫습니다. "이 헤더가 특정 RFC의 문법과 일치하는지 여부는 대부분 관련이 없습니다." 글쎄, 우리는 RFC 문법을 좋아하지 않으므로 우리 방식대로 할 것입니다. 그렇다면 표준 및/또는 RFC가 있는 이유는 무엇입니까?

Caddy나 Traefik도 같은 문제를 겪고 있습니까?

zllovesuki 에 2018년 10월 22일

👍1

Caddy나 Traefik도 같은 문제를 겪고 있습니까?

@zllovesuki

harshavardhana 에 2018년 10월 22일

이 스레드는 닫힌 후 최근 활동이 없었기 때문에 자동으로 잠겼습니다. 관련 버그에 대한 새 문제를 여십시오.

lock[bot] 에 2020년 04월 25일

이 페이지가 도움이 되었나요?

0 / 5 - 0 등급

<p>mc는 nginx 프록시에서 작동하지 않습니다</p>

MC 버전

시스템 정보

가장 유용한 댓글

모든 9 댓글

관련 문제