我们让nginx作为反向代理坐在独角兽的rails应用程序前面。
我们没有覆盖任何超时默认值。
我遇到的问题是:
当通过http请求一个超过5秒的页面时,它可以正常工作。
当通过httpS请求超过5秒的特定页面时,我得到324(服务器的空响应) 在系统上请求任何其他页面时,它可以正常使用https。
我可以确认这是一个时间问题,因为我将模板剥离并进入睡眠状态6以使模板等待渲染为空。
请求有几个子请求到js和css,这些在单独调用时工作正常。
nginx错误日志显示问题网址时的套接字读取错误。
在http中进行模板渲染和子请求时,
当在https上的失败URL中时,它会向上游发送两次但在那里死亡,而不发送子请求。 (rails应用程序声称它可以正常使用)
奇怪的是它将原始请求两次发送到上游, 然后死了,
日志和配置文件如下,
NGINX错误日志(仅在读取需要很长时间才能呈现的特定网址时使用HTTPS):
2012/11/06 15:05:00 [info] 5717#0:* 4012 SSL_write()失败(SSL :)(32:断管)在读取上游时,客户端:10.2.20.98,服务器:云。 zia4buildings.com,请求:“GET / admin / datasets HTTP / 1.1”,上游:“http://127.0.0.1:3000/admin/datasets”,主持人:“cloud.zia4buildings.com”,推荐人:“https: //cloud.zia4buildings.com/admin/sage_categories“
2012/11/06 15:05:03 [info] 5717#0:* 4027 SSL_write()失败(SSL :)(32:断管)在读取上游时,客户端:10.2.20.98,服务器:云。 zia4buildings.com,请求:“GET / admin / datasets HTTP / 1.1”,上游:“http://127.0.0.1:3000/admin/datasets”,主持人:“cloud.zia4buildings.com”,推荐人:“https: //cloud.zia4buildings.com/admin/sage_categories“
[编辑] 问题是https代理传递超时, 如果我在任何页面(即使是超轻的页面)中等待6秒钟,那么https请求将失败。
**APPLICATION LOGS:**
(my comments in (-- --)
**HTTP:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:19:40 -0700
Processing by Admin::DatasetsController#index as HTML
(-- lots of these ok --)
Rendered admin/datasets/_dataset.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (5.4ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5694.0ms)
Completed 200 OK in 5704ms (Views: 5171.9ms | ActiveRecord: 531.4ms)
Started GET "/stylesheets/dyn_stylesheets/dynamic.css" for 127.0.0.1 at 2012-11-06 09:15:31 -0700
Processing by DynStylesheetsController#index as CSS
Parameters: {"id"=>"dynamic"}
Exist fragment? views/rating_system_css_colors (1.4ms)
Read fragment views/rating_system_css_colors (0.1ms)
Exist fragment? views/leed_category_css_colors (0.4ms)
Read fragment views/leed_category_css_colors (0.0ms)
Exist fragment? views/sage_category_css_colors (0.3ms)
Read fragment views/sage_category_css_colors (0.0ms)
Exist fragment? views/node_css_colors (3.3ms)
Read fragment views/node_css_colors (0.0ms)
Rendered dyn_stylesheets/dynamic.css.erb (9.8ms)
Completed 200 OK in 17ms (Views: 12.1ms | ActiveRecord: 4.0ms)
(-- EOF HTTP success request --)
**HTTPS:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:44 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.8ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (3.0ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5973.3ms)
Completed 200 OK in 5982ms (Views: 5419.4ms | ActiveRecord: 561.5ms)
(-- (here starts a second, identical request without no apparent reason) --)
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:47 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.9ms)
Rendered admin/datasets/_set_field.html.erb (0.5ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5944.9ms)
Completed 200 OK in 5955ms (Views: 5419.8ms | ActiveRecord: 549.8ms)
(-- here the browser gets the error 324, empty response --)
CONF:
这是经典配置:
upstream unicorn_server {
# this socket is set up on the config/unicorn.rb file
server unix:/home/sage/apps/sage/production/shared/.unicorn.sock;
}
server {
listen 80;
root /home/sage/apps/sage/production/current/public;
location / {
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
server {
listen localhost:443;
listen 10.2.20.84:443;
ssl on;
ssl_certificate /etc/ssl/certs/cert.chained.crt;
ssl_certificate_key /etc/ssl/certs/cert.com.key;
root /home/sage/apps/sage/production/current/public;
location / {
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
非常赞赏任何正确方向的指针,
谢谢!
答案 0 :(得分:0)
没关系,
罪魁祸首是haproxy,它位于我们防火墙的整个堆栈前面。 因此发送这些超时,