S3 Browser连接到MINIO API(9000端口),使用MOVE等功能报403 Forbidden,一开始以为是Buckets或Access Keys的权限问题,后经测试无果,查看日志发现原来是NGINX报的403,测试了各种NGINX反代配置(包括MINIO官方NGINX反代配置)还是报403,后经google发现OpenResty反代MinIO的API端口无法进行上传等操作这个issues
因反代缓存将HEAD请求转换为GET请求进行缓存,导致HEAD请求403从而引发问题点
解决方法只需在NGINX反代配置中加入proxy_cache_convert_head off;
以下是结合官方推荐配置解决方案:
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_cache_convert_head off; # 解决403 Forbidden
proxy_pass http://127.0.0.1:9000;
}
enjoy life