Nacos—9848端口引发的问题

概述

Nacos2.0版本使用GRPC作为后端通讯，并且使用9848端口。而如果我们使用nginx将nacos进行对外转发的话，如果没有放出9848端口（只代理出8848）客户端也无法连接到nacos服务。

但是一定要注意：

9848端口要使用tcp协议进行代理。

当把服务打包成独立运行包的时候，不能使用openvpn作为nacos服务器的跳转，否则会报如下错：

java.lang.IllegalArgumentException: Address types of NameResolver 'unix' for '192.168.58.2:9848' not supported by transport

代理方法

worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  2048;
    multi_accept on;
    use epoll;
}

stream {

    upstream nacos9848 {
        hash $remote_addr consistent;
        server 192.168.3.2:9848 weight=5 max_fails=1 fail_timeout=10s;
    }

    server {
        listen 9848;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass nacos9848;
    }

}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    gzip             on;
    gzip_min_length  1k;
    gzip_comp_level  5;
    gzip_buffers 4 16K;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain application/x-javascript text/css application/xml application/javascript application/json;

    upstream nacos {
        keepalive 64;
        server 192.168.3.2:8848;
    }
    server {
        listen       443  ssl;
        server_name  nacos.baidu.com;
        proxy_redirect off;

        ssl_certificate ssl/baidu_com.pem;
        ssl_certificate_key ssl/baidu_com.key;
        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;

        location / {
            sendfile off;
            proxy_pass         http://nacos;
            proxy_redirect     default;
            proxy_http_version 1.1;

            proxy_set_header   Upgrade           $http_upgrade;

            proxy_set_header   Host              $host;
            proxy_set_header   X-Real-IP         $remote_addr;
            proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
            proxy_max_temp_file_size 0;
            #this is the maximum upload size
            client_max_body_size       10m;
            client_body_buffer_size    128k;

            proxy_connect_timeout      90;
            proxy_send_timeout         90;
            proxy_read_timeout         90;
            proxy_buffering            off;
            proxy_request_buffering    off; # Required for HTTP CLI commands
            proxy_set_header Connection ""; # Clear for keepalive

        }
    }

}