bear's questions

我有一个本地、公开的 k8s 节点，并已将 metallb 配置为具有 Traefik 2.0 第 4 层 LB 的 LB 提供程序。

我试图弄清楚为什么 Traefik LB 服务被分配了 NodePorts：

kubectl describe svc traefik
Name:                     traefik
Namespace:                default
Labels:                   <none>
Annotations:              metallb.universe.tf/address-pool: default
Selector:                 app=traefik
Type:                     LoadBalancer
IP:                       10.102.106.163
LoadBalancer Ingress:     x.x.x.x
Port:                     web  80/TCP
TargetPort:               80/TCP
NodePort:                 web  30481/TCP
Endpoints:                192.168.152.4:80
Port:                     admin  8080/TCP
TargetPort:               8080/TCP
NodePort:                 admin  30839/TCP
Endpoints:                192.168.152.4:8080
Port:                     websecure  443/TCP
TargetPort:               443/TCP
NodePort:                 websecure  30647/TCP
Endpoints:                192.168.152.4:443
Session Affinity:         None
External Traffic Policy:  Cluster
Events:
  Type    Reason        Age                   From                Message
  ----    ------        ----                  ----                -------
  Normal  IPAllocated   53m                   metallb-controller  Assigned IP "x.x.x.x"
  Normal  nodeAssigned  2m21s (x13 over 53m)  metallb-speaker     announcing from node "x-lp-xxx-xx-xxxxx"

在什么情况下，LB 服务会被分配 NodePort？

我正在为邮件解决方案设置带有 Dovecot 的 Postfix。当我尝试telnet localhost 25连接关闭时。

日志中看到的错误是：

postfix/smtpd[22958]: initializing the server-side TLS engine
postfix/smtpd[22958]: connect from localhost[::1]
postfix/smtpd[22958]: fatal: no SASL authentication mechanisms
postfix/master[32651]: warning: process /usr/libexec/postfix/smtpd pid 22958 exit status 1
postfix/master[32651]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

服务器是 CentOS 7 服务器

Linux <redacted> 3.10.0-123.8.1.el7.x86_64 #1 SMP Mon Sep 22 19:06:58 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

这是摘录自postconf -n

postconf: warning: /etc/postfix/main.cf: undefined parameter: virtual_mailbox_limit_maps
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
dovecot_destination_recipient_limit = 1
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 30720000
mydestination = $myhostname, localhost, localhost.localdomain
myhostname = <redacted>
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,     reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_tls_loglevel = 4
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_create_maildirsize=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_maildir_extended=yes

并从doveconf -n

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.8.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)  ext4
auth_mechanisms = plain login
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = /etc/dovecot-sql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-master {
    mode = 0660
    user = vmail
  }
  user = root
}
ssl_cert = /etc/pki/dovecot/certs/dovecot.pem
ssl_key = /etc/pki/dovecot/private/dovecot.pem
userdb {
  args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
  driver = static
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  log_path = /home/vmail/dovecot-deliver.log
  postmaster_address = [email protected]
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}

而对于rpm -qa | grep sasl

cyrus-sasl-md5-2.1.26-17.el7.x86_64
cyrus-sasl-gssapi-2.1.26-17.el7.x86_64
libgsasl-1.8.0-2.el7.x86_64
cyrus-sasl-ldap-2.1.26-17.el7.x86_64
cyrus-sasl-lib-2.1.26-17.el7.x86_64
cyrus-sasl-plain-2.1.26-17.el7.x86_64
cyrus-sasl-sql-2.1.26-17.el7.x86_64
cyrus-sasl-gs2-2.1.26-17.el7.x86_64
cyrus-sasl-2.1.26-17.el7.x86_64
cyrus-sasl-scram-2.1.26-17.el7.x86_64
cyrus-sasl-devel-2.1.26-17.el7.x86_64

并且ps ax | grep sasl，显示 authsasld 正在运行？

23280 ?        Ss     0:00 /usr/sbin/saslauthd -m /run/saslauthd -a pam
23281 ?        S      0:00 /usr/sbin/saslauthd -m /run/saslauthd -a pam
23282 ?        S      0:00 /usr/sbin/saslauthd -m /run/saslauthd -a pam
23283 ?        S      0:00 /usr/sbin/saslauthd -m /run/saslauthd -a pam
23284 ?        S      0:00 /usr/sbin/saslauthd -m /run/saslauthd -a pam

有人能看出我的配置有什么问题吗？

我正在尝试在代理后面运行 Fisheye。到目前为止，我已经设法让 Jira 和 Stash 在代理后面工作，但不是 Fisheye。

这是我在 Nginx 中的配置文件：

server {

listen   80;

server_name  dev.int.com;

access_log off;

location / {

proxy_pass http://IP:8080;

proxy_set_header    Host            $host;

proxy_set_header    X-Real-IP       $remote_addr;

proxy_set_header    X-Forwarded-for $remote_addr;

port_in_redirect off;

proxy_redirect   http://IP:8080/jira  /;

proxy_connect_timeout 300;

}



location ~ ^/stash {

proxy_pass http://IP:7990;

proxy_set_header    Host            $host;

proxy_set_header    X-Real-IP       $remote_addr;

proxy_set_header    X-Forwarded-for $remote_addr;

port_in_redirect off;

proxy_redirect   http://IP:7990/  /stash;

proxy_connect_timeout 300;

}



location ~ ^/crucible {

proxy_pass http://IP:8060;

proxy_set_header    Host            $host;

proxy_set_header    X-Real-IP       $remote_addr;

proxy_set_header    X-Forwarded-for $remote_addr;

port_in_redirect off;

proxy_redirect   http://IP:8060/  /crucible;

proxy_connect_timeout 300;

}



error_page   500 502 503 504  /50x.html;

location = /50x.html {

root   /usr/local/nginx/html;

}

}

在鱼眼中：

<web-server site-url="http://dev.int.com/crucible" context="/crucible">

    <http bind="http://dev.int.com/" proxy-port="80" proxy-scheme="http" proxy-host="dev.int.com/crucible"/>

</web-server>

然而，它只是没有正确地推出东西，并且是一个鱼眼问题 --> 当我访问 /crucible 时，它​​确实显示了 Crucible 页面，但是，它没有加载任何页面资源或 ajax。尝试登录会将我带到 /login，因此很明显 Fisheye 尽管有配置文件，但它的上下文路径仍然在 / 上。我已经重新启动了 Fisheye 和 Nginx 服务器，但无济于事。任何指导将不胜感激 ：）

我在 OS X 10.7.4 上使用 Apache（与 Zend Server 捆绑）时收到 HTTP 403，权限错误 13（文件系统？）。

[Thu May 17 16:40:58 2012] [error] [client ::1] (13)Permission denied: access to / denied

这是我在 httpd-vhosts.conf 中的配置

<VirtualHost *:81>
  DocumentRoot "/Users/shamil/Documents/Sites/shamil_blog"

  ServerName blog.shamil.local
  ServerAlias blog.shamil.local
  ErrorLog "logs/shamil_blog-error_log"
  CustomLog "logs/shamil_blog-access_log" common

  DirectoryIndex index.php
  <Directory /Users/shamil/Documents/Sites/shamil_blog>
      Options +Indexes +FollowSymLinks +ExecCGI
      DirectoryIndex index.php
      AllowOverride All
      Order allow,deny
      Allow from all
  </Directory>
</VirtualHost>

我在 shamil_blog 文件夹上设置了适当的权限：

 drwxrwxrwx  25 shamil  staff   850 May 17 16:01 shamil_blog

在站点文件夹中：

drwxrwxrwx   4 shamil  staff    136 May 17 15:59 Sites

那么，为什么我做错了？

我已经在 Windows Server 2008 上安装了带有 Web PI 的 PHP 5.2。该服务器还包含我用于邮件的 Exchange 服务器。

我正在使用的脚本使用 PHP 的 mail() 函数来发送邮件。

使用该功能时，当收件人在域内时，邮件会投递，如果收件人在域外，则投递失败，邮件返回错误。

我似乎在日志文件中找不到任何内容，因此我假设这是 Exchange 2010 错误。