Google-Cloud-Platform

應用程序在本地工作,但在雲執行中失敗並出現 502 -“上游連接錯誤或在標頭之前斷開/重置。重置原因:協議錯誤”

  • November 22, 2021

我有一個建構為 Docker 映像的應用程序,可以在本地正常工作,但在 Google Cloud Run 中失敗,出現“上游連接錯誤或在標頭之前斷開/重置。重置原因:協議錯誤”

該應用程序正在偵聽 0.0.0.0:8080,並且不需要身份驗證。我在本地的 Docker 中執行它

docker run --rm --name myapp -p 8080:8080 myapp:1.0

在本地使用 curl,我在 / 上得到了成功的響應

$ curl -v localhost:8080
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Vary: Origin
< Date: Sat, 24 Jul 2021 13:54:11 GMT
< Content-Length: 2
<
* Connection #0 to host localhost left intact
OK* Closing connection 0

我已將其部署到 Google 雲執行作為服務,並且在發出第一個請求時,我在雲執行日誌中看到我的應用程序的日誌輸出顯示它已啟動並正在偵聽埠 8080。

但是,請求失敗

"upstream connect error or disconnect/reset before headers. reset reason: protocol error"

curl -v https://cloudrun-srv-stuff.a.run.app/的完整輸出如下

*   Trying 216.239.36.53...
* TCP_NODELAY set
* Connected to cloudrun-srv-lz5wvvl32a-ez.a.run.app (216.239.36.53) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
 CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=*.a.run.app
*  start date: Jun 28 01:08:46 2021 GMT
*  expire date: Sep 20 01:08:45 2021 GMT
*  subjectAltName: host "cloudrun-srv-stuff.a.run.app" matched cert's "*.a.run.app"
*  issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f83b4810a00)
> GET / HTTP/2
> Host: cloudrun-srv-stuff.a.run.app
> User-Agent: curl/7.64.1
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 502
< content-length: 87
< content-type: text/plain
< date: Sat, 24 Jul 2021 13:58:13 GMT
< server: Google Frontend
< x-cloud-trace-context: 1370fab1a02839b367048f855593cbef/5890123523738625787;o=1
< alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
<

調試這個的下一步是什麼?

John Hanely 對我的問題的回答確定了這個問題。https://cloud.google.com/run/docs/configuring/http2#console允許我端到端禁用 http/2,這解決了問題。

引用自:https://serverfault.com/questions/1070510