Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] docker运行Java程序时配置代理-Dhttp.proxyHost后启动报错 #11809

Closed
chenzfp opened this issue Mar 8, 2024 · 6 comments
Closed

[BUG] docker运行Java程序时配置代理-Dhttp.proxyHost后启动报错 #11809

chenzfp opened this issue Mar 8, 2024 · 6 comments
Labels
status/need feedback

Comments

@chenzfp
Copy link

chenzfp commented Mar 8, 2024
edited

bug现象描述

版本:2.0.4(客户端和服务端都是)
环境:私有云环境,只有少量跳板机器可以访问公网,其他机器均通过配置代理方式访问公网
bug现象:docker启动时配置指定代理会报错,Java命令启动不会报错,同在一台主机上进行的测试
代理软件:squid

Java命令启动正常

java -Dhttp.proxyHost=192.168.131.189 -Dhttp.proxyPort=31280 -Dhttps.proxyHost=192.168.131.189 -Dhttps.proxyPort=31280 -Dhttp.nonProxyHosts="localhost|127.0.0.1|192.168.131.*" -jar demo.jar
image

docker方式启动报错

docker run -d --name test-demo \
  -p 18080:8080 \
  --network host \
  -e "JAVA_OPTS=-server -Xms1g -Xmx1g -Dhttp.proxyHost=192.168.131.189 -Dhttp.proxyPort=31280 -Dhttps.proxyHost=192.168.131.189 -Dhttps.proxyPort=31280 -Dhttp.nonProxyHosts='localhost|127.0.0.1|192.168.131.*'" \
  reg.myharbor.com/order/demo:v1

报错内容如下
image

Caused by: com.alibaba.nacos.shaded.io.grpc.StatusRuntimeException: UNAVAILABLE: io exception
Channel Pipeline: [HttpClientCodec#0, HttpProxyHandler#0, ProtocolNegotiators$ProxyProtocolNegotiationHandler#0, WriteBufferingAndExceptionHandler#0, DefaultChannelPipeline$TailContext#0]
	at com.alibaba.nacos.shaded.io.grpc.Status.asRuntimeException(Status.java:533) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:490) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.CensusStatsModule$StatsClientInterceptor$1$1.onClose(CensusStatsModule.java:700) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.PartialForwardingClientCallListener.onClose(PartialForwardingClientCallListener.java:39) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:23) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.ForwardingClientCallListener$SimpleForwardingClientCallListener.onClose(ForwardingClientCallListener.java:40) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.CensusTracingModule$TracingClientInterceptor$1$1.onClose(CensusTracingModule.java:399) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:510) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:66) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:630) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access$700(ClientCallImpl.java:518) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:692) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:681) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123) ~[nacos-client-2.0.4.jar!/:na]
	... 3 common frames omitted
Caused by: com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.proxy.HttpProxyHandler$HttpProxyConnectException: http, none, /192.168.131.189:31280 => 192.168.131.187:9848, status: 403 Forbidden
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.proxy.HttpProxyHandler.handleResponse(HttpProxyHandler.java:191) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.proxy.ProxyHandler.channelRead(ProxyHandler.java:260) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:438) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:328) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:302) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:253) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1421) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:697) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:632) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:549) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:511) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:918) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[nacos-client-2.0.4.jar!/:na]
	at com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[nacos-client-2.0.4.jar!/:na]
	... 1 common frames omitted

测试源码:demo.zip
@seedscoder
Copy link

Caused by: com.alibaba.nacos.shaded.io.grpc.StatusRuntimeException: UNAVAILABLE: io exception GRPC 端口问题?

@chenzfp
Copy link
Author

chenzfp commented Mar 11, 2024

Caused by: com.alibaba.nacos.shaded.io.grpc.StatusRuntimeException: UNAVAILABLE: io exception GRPC 端口问题?

不像是,如果是端口的问题,把代理去掉了为什么就不报错了
Caused by: com.alibaba.nacos.shaded.io.grpc.netty.shaded.io.netty.handler.proxy.HttpProxyHandler$HttpProxyConnectException: http, none, /192.168.131.189:31280 => 192.168.131.187:9848, status: 403 Forbidden

@KomachiSion
Copy link
Collaborator

http, none, /192.168.131.189:31280 => 192.168.131.187:9848, status: 403 Forbidden
怀疑是代理proxy上有鉴权,导致请求被代理返回了403拒绝了。

直连没问的话,说明nacos没有问题,是代理本身的问题。

@chenzfp
Copy link
Author

chenzfp commented Mar 12, 2024

http, none, /192.168.131.189:31280 => 192.168.131.187:9848, status: 403 Forbidden 怀疑是代理proxy上有鉴权,导致请求被代理返回了403拒绝了。

直连没问的话,说明nacos没有问题,是代理本身的问题。

使用的是squid代理,代理的是http,代理配置的是允许所有,是没有鉴权的
http_access allow all
image

@KomachiSion
Copy link
Collaborator

KomachiSion commented Mar 15, 2024
edited

那就不清楚了, 但是grpc应该是http2, 并且如果只使用http2代理可能会连接一直断开。目前看报错就是grpc客户端在通过代理访问的时候,收到了代理返回的403.具体问题得自行排查一下代理了。

@KomachiSion
Copy link
Collaborator

No more response from author, It seems env problem.

@KomachiSion KomachiSion closed this as not planned Won't fix, can't repro, duplicate, stale Mar 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/need feedback
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chenzfp @seedscoder @KomachiSion