0x01 故障描述
Nginx反向代理ESXi后,通过Web访问虚拟机控制台,显示无法连接。F12查看提示WebSocket connection to 'wss://xxxxxxx' failed。
0x02 解决方案
在反向配置中Nginx Location下添加如下代码:
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
这个的功能是开启nginx对于websocket的支持,esxi后台虚拟机控制台的图形化窗口就是通过websocket通信的,如果nginx不支持websocket,会导致无
法使用esxi的控制台功能。
0x03 完整反向代理代码
[root@nginx conf.d]# cat esxi_172.16.10.11.conf
server {
listen 8011 ssl;
server_name esxi.itho.cn 127.0.0.1 localhost;
ssl_certificate /etc/nginx/conf.d/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl/privkey.pem;
location / {
proxy_pass https://172.16.10.11;
proxy_set_header Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
error_page 400 https://$host:8011$request_uri;
error_page 497 https://$host:8011$request_uri;
}
发表评论