From nginx-forum at nginx.us Sun May 1 05:04:21 2011 From: nginx-forum at nginx.us (inspire22) Date: Sat, 30 Apr 2011 21:04:21 -0400 Subject: variables in if regexes Message-ID: <96751c7eeff6de7ab97f1c1904c619bb.NginxMailingListEnglish@forum.nginx.org> I have a caching system I need to bypass if the logging in user's name is found in the $request_uri. I'm trying to do something like this, but can't get the variable to interpolate into the regex. Any suggestions pretty please? set $me "Asabouros."; if ($uri ~ $me) { set $chk ""; } I've always tried things like this: if ($uri ~ "by-{$me}") { set $chk ""; } Thanks! -Kevin Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194753,194753#msg-194753 From wendal1985 at gmail.com Sun May 1 05:28:16 2011 From: wendal1985 at gmail.com (Wendal Chen) Date: Sun, 1 May 2011 09:28:16 +0800 Subject: nginx and google In-Reply-To: <4daa0cf8766acfaaccec44582e1d2037.NginxMailingListEnglish@forum.nginx.org> References: <4daa0cf8766acfaaccec44582e1d2037.NginxMailingListEnglish@forum.nginx.org> Message-ID: check your robot.txt 2011/4/30 konelli > freebsd 8 nginx-0.8.54 proxy works perfect. Any site loads very fast > thru proxy pass but google do not wont to load! Any other indexing > sites. Help. > Here my config > > worker_processes 1; > events { > worker_connections 5; > } > > http { > server { > listen 8081; > # access_log off; > > location / { > proxy_pass http://211.141.153.146; > proxy_set_header Host $host; > } > } > } > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,194580,194580#msg-194580 > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -- Wendal Chen -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon May 2 04:26:31 2011 From: nginx-forum at nginx.us (Andy) Date: Sun, 01 May 2011 20:26:31 -0400 Subject: Does Nginx block on file IO? Message-ID: Hi. I was always under the impression that Nginx is non-blocking for file IO. Then I was told it wasn't. I'm considering using Nginx to serve static images. Pretty much every connection will result in a file IO. If Nginx blocks for file IO, then using Nginx here wouldn't be any better than using Apache, right? Every connection will lead to a file IO which blocks the entire Nginx process. So to serve 500 concurrent connections I'll need 500 Nginx processes. Would Nginx work in such a use case? Any tips on how to use Nginx for serving static media? Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194884,194884#msg-194884 From sweeks at imvu.com Mon May 2 04:54:17 2011 From: sweeks at imvu.com (Stephen Weeks) Date: Sun, 1 May 2011 17:54:17 -0700 Subject: Crash (double free or corruption) on trying to proxy to localhost Message-ID: I've currently got a pool of systems running nginx proxying to a pool of systems running apache. I'm trying to move to running nginx locally on the apache hosts instead of separate systems to avoid the extra network hop, make more-efficient use of resources, and enable some future development (including migrating to running our application on nginx via fastcgi instead of apache, ideally). we've currently got some significant architecture built up around apache, so converting right now is uncomfortable. Ideally, I'd like nginx to just serve from localhost, but fail over to the rest of the pool when localhost in unavailable, so in my upstream I have every server except for localhost set as 'backup'. I'm otherwise running identical configurations of apache and nginx on a single system together as used in the rest of the two pools. This works exactly as expected, except that I get a few crashes of nginx workers every minute. This only happens when proxying to the local system. If I proxy anywhere else, it works fine. Other proxies can serve from this system without trouble. I see this same behaviour on other hosts when I build them the same way, so it's not an error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, running on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to 127.0.0.1 or the host's local IP. I see this crash whether I'm listening on *:80 or :80. I see this crash whether I'm connecting to :80 or running apache on a different port and connecting to :81. I see this crash whether I'm running ubuntu's "nginx-light" configuration, or their "nginx-full" configuration. I see no errors logged from apache. 1) I'd really love to make this work, so if there's anything else I can try, any additional debugging information I can give, I'd appreciate it. 2) Nginx has been very useful to me so far, so I thought you'd appreciate a bug report. Posted on github, I have a problem description, section of a debug log, my (slightly edited: flattened includes and stripped an IP) nginx.conf, a gdb backtrace, and some additional information I was asked for when looking for help on IRC. This is everything I've been able to come up with that sounds plausibly relevant. https://gist.github.com/1574dbaf3a3dcda920a2 Any help? (Thanks to MTechnology and kolbyjack for helping me troubleshoot this on IRC) -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon May 2 05:54:27 2011 From: nginx-forum at nginx.us (jjjx128) Date: Sun, 01 May 2011 21:54:27 -0400 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: Andy Wrote: ------------------------------------------------------- > I was always under the impression that Nginx is > non-blocking for file IO. Then I was told it > wasn't. Actually AIO support was added not so long ago. It can be non-blocking for file IO on systems with AIO. > If Nginx blocks for file IO, then > using Nginx here wouldn't be any better than using > Apache, right? How is it even related? There is a difference between getting a file from disk and serving it to the client from buffer. You can get it really fast and block for a very little time but than send it to the client very slowly. So asynchronous front-end would be a really good idea. Other than that you might find that neither nginx nor apache can serve your images fast enough from any common filesystem. You will need something like Bitcask to go farther. The idea is to get an entire image to the buffer in a single disk seek. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194884,194891#msg-194891 From nginx-forum at nginx.us Mon May 2 06:59:51 2011 From: nginx-forum at nginx.us (flubber) Date: Sun, 01 May 2011 22:59:51 -0400 Subject: nginx and php fast cgi different server? Message-ID: Hello All, I'm a newbie on nginx, currently i have configure nginx n php fast cgi with same server, i want to split nginx and php fast cgi with different, it's posibble? I have test change fastcgi_pass point di php fast cgi to other server, but when access site just get "No input file specified." and no error report. This my configuration. location ~ \.php$ { #fastcgi_pass 127.0.0.1:9000; fastcgi_pass 10.1.1.10:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name; include fastcgi_params; } My nginx nginx/0.9.6, please advice and suggestion Thx all. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194899,194899#msg-194899 From edhoprima at gmail.com Mon May 2 07:02:49 2011 From: edhoprima at gmail.com (Edho P Arief) Date: Mon, 2 May 2011 10:02:49 +0700 Subject: nginx and php fast cgi different server? In-Reply-To: References: Message-ID: On Mon, May 2, 2011 at 9:59 AM, flubber wrote: > Hello All, > > I'm a newbie on nginx, currently i have configure nginx n php fast cgi > with same server, i want to split nginx and php fast cgi with different, > it's posibble? > > I have test change fastcgi_pass point di php fast cgi to other server, > but when access site just get "No input file specified." and no error > report. > > This my configuration. > > ? ? ? ?location ~ \.php$ { > ? ? ? ? ? ? ? ?#fastcgi_pass ? 127.0.0.1:9000; > ? ? ? ? ? ? ? ?fastcgi_pass ? 10.1.1.10:9000; > ? ? ? ? ? ? ? ?fastcgi_index ?index.php; > ? ? ? ? ? ? ? ?fastcgi_param ?SCRIPT_FILENAME > /var/www/html$fastcgi_script_name; > ? ? ? ? ? ? ? ?include fastcgi_params; > ? ? ? ?} > > My nginx nginx/0.9.6, please advice and suggestion > the fastcgi files (in this case, php files) must be located in the other server (10.1.1.10 in this case) From sweeks at imvu.com Mon May 2 07:13:42 2011 From: sweeks at imvu.com (Stephen Weeks) Date: Sun, 1 May 2011 20:13:42 -0700 Subject: Crash (double free or corruption) on trying to proxy to localhost In-Reply-To: References: Message-ID: Apparently these crashed don't happen with the upstreamfair module, as far as I've been able to tell so far. That's probably good enough as a workaround for me for now, and may be a clue when investigating this crash. On Sun, May 1, 2011 at 5:54 PM, Stephen Weeks wrote: > I've currently got a pool of systems running nginx proxying to a pool of > systems running apache. I'm trying to move to running nginx locally on the > apache hosts instead of separate systems to avoid the extra network hop, > make more-efficient use of resources, and enable some future development > (including migrating to running our application on nginx via fastcgi instead > of apache, ideally). we've currently got some significant architecture > built up around apache, so converting right now is uncomfortable. > > Ideally, I'd like nginx to just serve from localhost, but fail over to the > rest of the pool when localhost in unavailable, so in my upstream I have > every server except for localhost set as 'backup'. I'm otherwise running > identical configurations of apache and nginx on a single system together as > used in the rest of the two pools. This works exactly as expected, except > that I get a few crashes of nginx workers every minute. This only happens > when proxying to the local system. If I proxy anywhere else, it works > fine. Other proxies can serve from this system without trouble. I see this > same behaviour on other hosts when I build them the same way, so it's not an > error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, running > on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to 127.0.0.1 > or the host's local IP. I see this crash whether I'm listening on *:80 or > :80. I see this crash whether I'm connecting to :80 or running > apache on a different port and connecting to :81. I see this crash whether > I'm running ubuntu's "nginx-light" configuration, or their "nginx-full" > configuration. I see no errors logged from apache. > > 1) I'd really love to make this work, so if there's anything else I can > try, any additional debugging information I can give, I'd appreciate it. > 2) Nginx has been very useful to me so far, so I thought you'd appreciate a > bug report. > > Posted on github, I have a problem description, section of a debug log, my > (slightly edited: flattened includes and stripped an IP) nginx.conf, a gdb > backtrace, and some additional information I was asked for when looking for > help on IRC. This is everything I've been able to come up with that sounds > plausibly relevant. > > https://gist.github.com/1574dbaf3a3dcda920a2 > > Any help? > > (Thanks to MTechnology and kolbyjack for helping me troubleshoot this on > IRC) > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at ruby-forum.com Mon May 2 08:08:24 2011 From: lists at ruby-forum.com (Mike P.) Date: Mon, 02 May 2011 06:08:24 +0200 Subject: 502 errors, upstream sent too big header In-Reply-To: References: Message-ID: <79524ba8fb1d2c8fb975fab30434c302@ruby-forum.com> Hi, I'm getting this same error (please see log output below) with Nginx(0.8.54) and Passenger(3.0.6) using GET requests with really long URIs. My assumption is that fastcgi_buffer* directives won't apply to my configuration since the request is being handled by passenger instead of a php/perl fastcgi socket. I've tried defining the proxy_buffer* settings like Travis described in his initial post, but that didn't resolve the error I'm experiencing. I've defined "large_client_header_buffers 8 16k;" in the server context, but this doesn't alleviate the error either. Is 'large_client_header_buffers' the proper directive I should be using? If not, is there a directive I can use to increase the response header size limit? Thanks for any insight into this, Mike P. ---------- 2011/05/01 09:57:41 [error] 12176#0: *4537092 upstream sent too big header while reading response header from upstream, client: x.x.x.x, server: hostname.tld, request: "GET /heroku/resources/18623? HTTP/1.1", upstream: "passenger:unix:/ ---------- -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Mon May 2 08:11:10 2011 From: nginx-forum at nginx.us (HowToMeetLadies) Date: Mon, 02 May 2011 00:11:10 -0400 Subject: Catch ALL requests by LUA-script In-Reply-To: References: Message-ID: <90c728b1bd4f045a01171963ba75b30f.NginxMailingListEnglish@forum.nginx.org> Maybe slightly off-topic but then maybe it is useful for you (andiL) or someone else. Before i start, @agentzh: every ?nth request, one of nginx (0.8.54.4rc2-jit2beta6) worker processes segfaults, is this behaviour related to the pcre issue? have not patched it yet.. ah and thank you *very* much for giving nginx this all new powers!! ((: Ok, im a long time nginx/redis/ruby user and this are my first steps with lua and a lightweight (M)VC framework around three core "classes", which uses haml for templates/layout and markdown for text processing (5 minute ffi discount binding), drizzle and redis for data and redis also for caching. Successfully running a little app with it. yay! *.* For now i can give you some snippets just to show some basic aspects, ill release a fully working example sometime soon, if the segfaults doesnt belong to the pcre-issue ill try to debug that too. Below ill use luasql, instead you can use ngx.location.capture("/some-internal-rds-json") and lua-yajl, but this approach ends as soon as you want INSERT followed by LAST_INSERT_ID() or other complex queries/transactions (as long as libdrizzle has no support for multiple queries, maybe this is not the best option to go with, ive tried alternatives and workarounds, but for now this is what *I* want). At the moment i do not need an ORM for my data, but have already done some functions for both rds_json and luasql. redis has some commands exposed in nginx.conf for easy access with lua (: The core classes: Request; which contains several ngx.var wrappers (for nil instead of '' for empty keys), present(str), simple cookie/session/login, before/after filters, haml/markdown rendering, etc.. MethodRequest < Request; which calls functions for HTTP Methods aka GET, POST alike.. and finally Resource < MethodRequest; which has an Rails-ActionController-like interface. Greetz # HTML --- ATTACHMENT --- ookeh to bad no code formatting...? http://exc.eu/paste/deadbeaf.txt Posted at Nginx Forum: http://forum.nginx.org/read.php?2,179364,194903#msg-194903 From nginx-forum at nginx.us Mon May 2 08:26:29 2011 From: nginx-forum at nginx.us (flubber) Date: Mon, 02 May 2011 00:26:29 -0400 Subject: nginx and php fast cgi different server? In-Reply-To: References: Message-ID: <037843eb881f9c7979186de05bb8d829.NginxMailingListEnglish@forum.nginx.org> it's works, thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194899,194905#msg-194905 From nginx-forum at nginx.us Mon May 2 09:15:08 2011 From: nginx-forum at nginx.us (moorthi) Date: Mon, 02 May 2011 01:15:08 -0400 Subject: nginx imaps auth_http cyrus In-Reply-To: <3f29c76ca3fec62ea3f4f3423b70de4e.NginxMailingListEnglish@forum.nginx.org> References: <4D73FB1E.3090104@alokat.org> <3f29c76ca3fec62ea3f4f3423b70de4e.NginxMailingListEnglish@forum.nginx.org> Message-ID: <8599d7049c20a5f08721167b39775a44.NginxMailingListEnglish@forum.nginx.org> auth_http script and other setttings are done correctly, this is what i am getting in error.log upstream timed out (111: Connection timed out) while connecting to upstream it's saying +OK for user in connect but after entering pass it's giving above error. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,180902,194908#msg-194908 From piotr.sikora at frickle.com Mon May 2 09:22:52 2011 From: piotr.sikora at frickle.com (Piotr Sikora) Date: Mon, 2 May 2011 07:22:52 +0200 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: Hi, > I was always under the impression that Nginx is non-blocking for file > IO. Then I was told it wasn't. That depends on your configuration on on capabilities of your operating system. Asynchronous file I/O is available on recent versions of Linux, Solaris, DragonFly, FreeBSD, NetBSD, MacOSX. > I'm considering using Nginx to serve static images. Pretty much every > connection will result in a file IO. No, it won't. Recently served files should be in your OS's buffer cache. > If Nginx blocks for file IO, then > using Nginx here wouldn't be any better than using Apache, right? Every > connection will lead to a file IO which blocks the entire Nginx process. > So to serve 500 concurrent connections I'll need 500 Nginx processes. If that would be the case (buffer cache hit rate would be very low) and you would be using magnetic disks, then yes, you'd be better off with a web server than uses per-client lightweight processes or threads. Best regards, Piotr Sikora < piotr.sikora at frickle.com > From piotr.sikora at frickle.com Mon May 2 09:29:30 2011 From: piotr.sikora at frickle.com (Piotr Sikora) Date: Mon, 2 May 2011 07:29:30 +0200 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: Hi, > How is it even related? There is a difference between getting a file > from disk and serving it to the client from buffer. You can get it > really fast and block for a very little time but than send it to the > client very slowly. It's actually very related, because with event-driven programming, you're blocking _all_ worker's clients on the single disk I/O. Best regards, Piotr Sikora < piotr.sikora at frickle.com > From justin at specialbusservice.com Mon May 2 15:06:41 2011 From: justin at specialbusservice.com (Justin Cormack) Date: Mon, 02 May 2011 12:06:41 +0100 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: <1304334401.2438.145.camel@mackerel> On Mon, 2011-05-02 at 07:29 +0200, Piotr Sikora wrote: > Hi, > > > How is it even related? There is a difference between getting a file > > from disk and serving it to the client from buffer. You can get it > > really fast and block for a very little time but than send it to the > > client very slowly. > > It's actually very related, because with event-driven programming, you're > blocking _all_ worker's clients on the single disk I/O. If you expect file IO to block, use more nginx processes than cores. I dont think that async IO on Linux is really worth using, although I will do some benchmarks. You might try switching to FreeBSD as well. I think that node.js currently uses a thread pool for async IO on Linux (possibly all platforms, except maybe Windows), with sync IO in the background. Linux kernel aio was designed for programs like databases that manage their own buffer caches, not for normal file IO. If you dont cache the results it will be slow (unless anything has changed recently, will do some testing). Justin From nginx-forum at nginx.us Mon May 2 15:17:08 2011 From: nginx-forum at nginx.us (jjjx128) Date: Mon, 02 May 2011 07:17:08 -0400 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: Piotr Sikora Wrote: ------------------------------------------------------- > It's actually very related, because with > event-driven programming, you're > blocking _all_ worker's clients on the single disk > I/O. I know, but imagine how much memory you can save and use for file system cache if you are not running apache. Which can make fat more greater impact on your performance. You can't just say that nginx is the same as apache just because it's blocking on file I/O. So still, it depends on the type of load you are having. And if you are not serving 100 megabytes of data to 500 clients but a lot more you are most likely to get better results with asynchronous server even with blocking file I/O. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194884,194939#msg-194939 From nginx-forum at nginx.us Mon May 2 15:25:54 2011 From: nginx-forum at nginx.us (jjjx128) Date: Mon, 02 May 2011 07:25:54 -0400 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: <8343634767e2d40d5164389d05e4884f.NginxMailingListEnglish@forum.nginx.org> jjjx128 Wrote: ------------------------------------------------------- > And if you are not serving 100 megabytes > of data to 500 clients but a lot more you are most > likely to get better results with asynchronous > server even with blocking file I/O. Sorry, bad example, in this case your data will fit in file system cache and you still will be better off with nginx bacuase of all the context switches you save. Anyway there might be some very special case where disks are overloaded and access patterns are truly random. Although this never happens in real world. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194884,194941#msg-194941 From markus.jelsma at openindex.io Mon May 2 16:56:19 2011 From: markus.jelsma at openindex.io (Markus Jelsma) Date: Mon, 2 May 2011 14:56:19 +0200 Subject: Using map and proxy_pass In-Reply-To: <201104301252.43466.markus.jelsma@openindex.io> References: <201104291748.48357.markus.jelsma@openindex.io> <201104301252.43466.markus.jelsma@openindex.io> Message-ID: <201105021456.19711.markus.jelsma@openindex.io> Anyone else having some thoughs on how to use the map in conjunction with proxy_pass to set different hosts based on the first URI segment? On Saturday 30 April 2011 12:52:42 Markus Jelsma wrote: > Too many. I need to generate the mappings in an external program. I'd > rather not generate as many different locations. > > > Thanks > > > How many uri / backend mappings do you have? You could perform the > > above in two straight forward location blocks, based on the uri. > > > > location /abc { > > > > proxy_pass http://host01:8080; > > } > > > > .... > > > > Posted at Nginx Forum: > > http://forum.nginx.org/read.php?2,194480,194616#msg-194616 > > > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx -- Markus Jelsma - CTO - Openindex http://www.linkedin.com/in/markus17 050-8536620 / 06-50258350 From nginx-forum at nginx.us Mon May 2 18:22:50 2011 From: nginx-forum at nginx.us (monster) Date: Mon, 02 May 2011 10:22:50 -0400 Subject: How to get a 404 logged with try_files? Message-ID: Hi! Just started with Nginx after reading it reached 1.0. Congratulation! I'm trying to get my test site to return a "missing image" icon when an image is missing, but have a 404 logged so I know I messed up something. I want to specify the images name without file extensions, in case I move some from PNG to JPG, or the other way around. My problem is that try_files doc says last path MUST exist. I would like last path to be $uri and cause a 404, not a 500. Tried using error_page to convert 500 to 404, but did not have any effect. Thanks for any advice! location ~ ^/img/[^\.]*$ { try_files $uri.png $uri.jpg $uri.gif $uri; error_page 500 =404 /img/missing; } location /img/ { error_page 404 /img/missing; } location = /img/missing { rewrite .* /img/icon/missing.png; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194965,194965#msg-194965 From francis at daoine.org Mon May 2 19:35:31 2011 From: francis at daoine.org (Francis Daly) Date: Mon, 2 May 2011 16:35:31 +0100 Subject: Using map and proxy_pass In-Reply-To: <201105021456.19711.markus.jelsma@openindex.io> References: <201104291748.48357.markus.jelsma@openindex.io> <201104301252.43466.markus.jelsma@openindex.io> <201105021456.19711.markus.jelsma@openindex.io> Message-ID: <20110502153531.GB12564@craic.sysops.org> On Mon, May 02, 2011 at 02:56:19PM +0200, Markus Jelsma wrote: Hi there, A general rule for most config confusions is "the debug log is your friend". > Anyone else having some thoughs on how to use the map in conjunction with > proxy_pass to set different hosts based on the first URI segment? It's not clear to me why you're happy to generate an include file of mappings in an external program, but not happy to generate an include file of locations in an external program. And if you have a large number of locations, you'll probably be happier having no top-level regex locations. But all that aside... "map $var1 $var2" sets $var2 based on a string match of $var1. You wish to match based on the first uri segment. So, do just that: === http { map $first_segment $value { default 127.0.0.1; /abc 127.0.0.2; /def 127.0.0.3; } server { if ($uri ~* ^(/[^/]*) ) { set $first_segment $1; } location / { proxy_pass http://$value:8080/$uri ; } } } === You may want to play with the proxy_pass line depending on exactly what you want to do, but the above seems to work for me. You can also add a $second_segment (or $part2) in the if{} block, if you want a separate map for that. Good luck with it, f -- Francis Daly francis at daoine.org From lists at ruby-forum.com Mon May 2 21:54:57 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Mon, 02 May 2011 19:54:57 +0200 Subject: nginx rewrite Message-ID: <721e551f14c3665cad91466a13a63001@ruby-forum.com> Hello, I need to rewrite the URL /img/14567.jpg to /img/14/14567.jpg The image name is 14567.jpg, which is saved in /14 folder. /14 is caluculated by 14567 / 1000 How to implement is NGX rewrite? Thanks, Yanxin -- Posted via http://www.ruby-forum.com/. From cliff at develix.com Mon May 2 22:11:04 2011 From: cliff at develix.com (Cliff Wells) Date: Mon, 02 May 2011 11:11:04 -0700 Subject: Does Nginx block on file IO? In-Reply-To: References: Message-ID: <1304359864.11635.47.camel@portable-evil> On Sun, 2011-05-01 at 20:26 -0400, Andy wrote: > Hi. > > I was always under the impression that Nginx is non-blocking for file > IO. Then I was told it wasn't. > > I'm considering using Nginx to serve static images. Pretty much every > connection will result in a file IO. If Nginx blocks for file IO, then > using Nginx here wouldn't be any better than using Apache, right? Every > connection will lead to a file IO which blocks the entire Nginx process. > So to serve 500 concurrent connections I'll need 500 Nginx processes. You cannot take a single measure such as concurrent requests independent of requests per second and make a good prediction about performance requirements. If you have 500 concurrent requests, and each request takes an average of 1ms, then you could conceivably serve all 500 requests within 0.5 seconds with a single worker, which is quite reasonable. People have reported serving 10K requests per second using Nginx on rather modest hardware (laptops even). You'll probably find that your OS is the bottleneck, not Nginx (and you should focus your performance tuning at that level - TCP buffers and the like). It's also worth pointing out that if you currently have 500 concurrent requests on Apache, that number may actually decrease with Nginx, assuming requests are finished faster (i.e. if Nginx finishes each request twice as fast as Apache, you'd only see 250 concurrent requests, while requests per second would double). Obviously that's simplified, but hopefully clarifies my point. In any case, no need to have a worker per request, just start with the recommendation of 1 worker per core and tune from there. It's true that the *concurrent* number of requests is limited by the number of workers you have (the remaining requests will be served serially as each worker is freed), but in practice, it becomes academic. Serialization is going to happen at some level, even if you have a threaded server, so basically software threads buy you little more than the feeling of concurrency at the cost of massive amounts of memory. > Would Nginx work in such a use case? Any tips on how to use Nginx for > serving static media? Serving static content is actually where Nginx has been demonstrated to outperform Apache by a wide margin, in no small part because it leaves lots of memory for filesystem caching, and also because it causes less context-switches than a threaded server. At the end of the day, you should do some performance testing, since performance is going to depend a lot on factors that will only be revealed on your particular setup and your particular data (number and size of files, cache misses, etc). Regards, Cliff From igor at sysoev.ru Mon May 2 22:11:31 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Mon, 2 May 2011 22:11:31 +0400 Subject: nginx rewrite In-Reply-To: <721e551f14c3665cad91466a13a63001@ruby-forum.com> References: <721e551f14c3665cad91466a13a63001@ruby-forum.com> Message-ID: <20110502181131.GF43927@sysoev.ru> On Mon, May 02, 2011 at 07:54:57PM +0200, Yanxin Z. wrote: > Hello, > I need to rewrite the URL > > /img/14567.jpg to /img/14/14567.jpg > > The image name is 14567.jpg, which is saved in /14 folder. /14 is > caluculated by 14567 / 1000 > > How to implement is NGX rewrite? location /img/ { location ~ ^/img/(..)(.+)$ { alias /path/to/img/$1/$1$2; } } -- Igor Sysoev From nginx-forum at nginx.us Mon May 2 22:21:48 2011 From: nginx-forum at nginx.us (monster) Date: Mon, 02 May 2011 14:21:48 -0400 Subject: How to get a 404 logged with try_files? In-Reply-To: References: Message-ID: Found it! It must look like this, putting =404 as last location in try_files: location ~ ^/img/[^\.]*$ { try_files $uri.png $uri.jpg $uri.gif $uri =404; error_page 404 /img/missing; } That would be useful information to put in the try_files wiki... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194965,195019#msg-195019 From lists at ruby-forum.com Mon May 2 22:48:50 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Mon, 02 May 2011 20:48:50 +0200 Subject: nginx rewrite In-Reply-To: <721e551f14c3665cad91466a13a63001@ruby-forum.com> References: <721e551f14c3665cad91466a13a63001@ruby-forum.com> Message-ID: Hello Igor Sysoev, Thank you for your help. You suggestion is great, but my problem is a little bit complicated. The image name is flexible, can be from 0.jpg to 23456.jpg, we organize the image files into folders, whose name is the number divide by 1000. For example, the folder 100 saves the file 100000.jpg to 100999.jpg. Both the folder and file name are flexible in my case. Do you have any suggestion on it? Thanks, Yanxin -- Posted via http://www.ruby-forum.com/. From mdounin at mdounin.ru Mon May 2 22:53:27 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 May 2011 22:53:27 +0400 Subject: nginx imaps auth_http cyrus In-Reply-To: <8599d7049c20a5f08721167b39775a44.NginxMailingListEnglish@forum.nginx.org> References: <4D73FB1E.3090104@alokat.org> <3f29c76ca3fec62ea3f4f3423b70de4e.NginxMailingListEnglish@forum.nginx.org> <8599d7049c20a5f08721167b39775a44.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110502185327.GD42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 01:15:08AM -0400, moorthi wrote: > auth_http script and other setttings are done correctly, > this is what i am getting in error.log > upstream timed out (111: Connection timed out) while connecting to > upstream I believe this is clear enough: nginx wasn't able to connect to upstream (backend) server. Check backend server and port returned by auth_http script. > it's saying +OK for user in connect > but after entering pass it's giving above error. After PASS command nginx will try to authenticate client with auth_http script and then connect to upstream (backend) server. As soon as connection to upstream times out - nginx should return "-ERR internal server error" in reply to PASS command (if client is still here). Maxim Dounin From mdounin at mdounin.ru Mon May 2 22:57:03 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 May 2011 22:57:03 +0400 Subject: 502 errors, upstream sent too big header In-Reply-To: <79524ba8fb1d2c8fb975fab30434c302@ruby-forum.com> References: <79524ba8fb1d2c8fb975fab30434c302@ruby-forum.com> Message-ID: <20110502185703.GE42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 06:08:24AM +0200, Mike P. wrote: > Hi, > > I'm getting this same error (please see log output below) with > Nginx(0.8.54) and Passenger(3.0.6) using GET requests with really long > URIs. > > My assumption is that fastcgi_buffer* directives won't apply to my > configuration since the request is being handled by passenger instead of > a php/perl fastcgi socket. You have to tune appropriate settings provided by passenger module. Please refer to passenger documentation for exact names, most likely passenger_buffer_size and so on. [...] Maxim Dounin From igor at sysoev.ru Mon May 2 22:57:16 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Mon, 2 May 2011 22:57:16 +0400 Subject: nginx rewrite In-Reply-To: References: <721e551f14c3665cad91466a13a63001@ruby-forum.com> Message-ID: <20110502185716.GG43927@sysoev.ru> On Mon, May 02, 2011 at 08:48:50PM +0200, Yanxin Z. wrote: > Hello Igor Sysoev, > Thank you for your help. > > You suggestion is great, but my problem is a little bit complicated. > > The image name is flexible, can be from 0.jpg to 23456.jpg, we organize > the image files into folders, whose name is the number divide by 1000. > For example, the folder 100 saves the file 100000.jpg to 100999.jpg. > > Both the folder and file name are flexible in my case. > > Do you have any suggestion on it? location /img/ { location ~ ^/img/(\d)(\.jpg)$ { alias /path/to/img/0$1/$1$2; } location ~ ^/img/(\d\d)(\d*\.jpg)$ { alias /path/to/img/$1/$1$2; } return 404; } -- Igor Sysoev From nginx-forum at nginx.us Mon May 2 23:04:48 2011 From: nginx-forum at nginx.us (dbanks) Date: Mon, 02 May 2011 15:04:48 -0400 Subject: Shared nginx configuration for multiple servers In-Reply-To: References: Message-ID: I'm facing a related issue, although my attempt at implementation is different from the OP. ip.conf: set $server_ip 10.11.1.50; nginx.conf: ... server { include ip.conf; #adds the $server_ip variable which is machine-specific listen $server_ip:80 default_server; ... } This fails with: nginx: [emerg] host not found in "$server_ip:80" of the "listen" directive in /opt/nginx/conf/nginx.conf:48 What is the best way to include a hard-coded IP address from another file in order to allow nginx.conf to be universal across deployed machines? Cheers, Dean Posted at Nginx Forum: http://forum.nginx.org/read.php?2,188621,195032#msg-195032 From mdounin at mdounin.ru Mon May 2 23:19:06 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 May 2011 23:19:06 +0400 Subject: nginx rewrite In-Reply-To: <20110502185716.GG43927@sysoev.ru> References: <721e551f14c3665cad91466a13a63001@ruby-forum.com> <20110502185716.GG43927@sysoev.ru> Message-ID: <20110502191906.GF42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 10:57:16PM +0400, Igor Sysoev wrote: > On Mon, May 02, 2011 at 08:48:50PM +0200, Yanxin Z. wrote: > > Hello Igor Sysoev, > > Thank you for your help. > > > > You suggestion is great, but my problem is a little bit complicated. > > > > The image name is flexible, can be from 0.jpg to 23456.jpg, we organize > > the image files into folders, whose name is the number divide by 1000. > > For example, the folder 100 saves the file 100000.jpg to 100999.jpg. > > > > Both the folder and file name are flexible in my case. > > > > Do you have any suggestion on it? > > location /img/ { > > location ~ ^/img/(\d)(\.jpg)$ { > alias /path/to/img/0$1/$1$2; > } > > location ~ ^/img/(\d\d)(\d*\.jpg)$ { > alias /path/to/img/$1/$1$2; > } > > return 404; > } As far as I understand original question, the following should work (same as above, but fixed to use division by 1000 instead of two first digits): location /img/ { location ~ ^/img/(\d+)(\d\d\d\.jpg)$ { alias /path/to/img/$1/$1$2; } location ~ ^/img/(\d+\.jpg)$ { alias /path/to/img/0/$1; } return 404; } Maxim Dounin From mdounin at mdounin.ru Mon May 2 23:26:17 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 May 2011 23:26:17 +0400 Subject: Shared nginx configuration for multiple servers In-Reply-To: References: Message-ID: <20110502192617.GG42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 03:04:48PM -0400, dbanks wrote: > I'm facing a related issue, although my attempt at implementation is > different from the OP. > > ip.conf: > set $server_ip 10.11.1.50; > > nginx.conf: > ... > server { > include ip.conf; #adds the $server_ip variable which is > machine-specific > listen $server_ip:80 default_server; > ... > } > > This fails with: nginx: [emerg] host not found in "$server_ip:80" of > the "listen" directive in /opt/nginx/conf/nginx.conf:48 > > What is the best way to include a hard-coded IP address from another > file in order to allow nginx.conf to be universal across deployed > machines? Variable are evaluated at runtime during request processing, you can't use them to configure listening sockets. Either place full listen directive in included file or use some external scripting to produce actual config. Maxim Dounin From lists at ruby-forum.com Mon May 2 23:29:55 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Mon, 02 May 2011 21:29:55 +0200 Subject: nginx rewrite In-Reply-To: <721e551f14c3665cad91466a13a63001@ruby-forum.com> References: <721e551f14c3665cad91466a13a63001@ruby-forum.com> Message-ID: <3f4dd13fbd8403d956188afc8bc69fd5@ruby-forum.com> Thank you Maxim and Igor. It's working for me. Yanxin -- Posted via http://www.ruby-forum.com/. From mdounin at mdounin.ru Tue May 3 01:04:56 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 May 2011 01:04:56 +0400 Subject: Crash (double free or corruption) on trying to proxy to localhost In-Reply-To: References: Message-ID: <20110502210456.GH42265@mdounin.ru> Hello! On Sun, May 01, 2011 at 05:54:17PM -0700, Stephen Weeks wrote: > I've currently got a pool of systems running nginx proxying to a pool of > systems running apache. I'm trying to move to running nginx locally on the > apache hosts instead of separate systems to avoid the extra network hop, > make more-efficient use of resources, and enable some future development > (including migrating to running our application on nginx via fastcgi instead > of apache, ideally). we've currently got some significant architecture > built up around apache, so converting right now is uncomfortable. > > Ideally, I'd like nginx to just serve from localhost, but fail over to the > rest of the pool when localhost in unavailable, so in my upstream I have > every server except for localhost set as 'backup'. I'm otherwise running > identical configurations of apache and nginx on a single system together as > used in the rest of the two pools. This works exactly as expected, except > that I get a few crashes of nginx workers every minute. This only happens > when proxying to the local system. If I proxy anywhere else, it works > fine. Other proxies can serve from this system without trouble. I see this > same behaviour on other hosts when I build them the same way, so it's not an > error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, running > on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to 127.0.0.1 > or the host's local IP. I see this crash whether I'm listening on *:80 or > :80. I see this crash whether I'm connecting to :80 or running > apache on a different port and connecting to :81. I see this crash whether > I'm running ubuntu's "nginx-light" configuration, or their "nginx-full" > configuration. I see no errors logged from apache. > > 1) I'd really love to make this work, so if there's anything else I can try, > any additional debugging information I can give, I'd appreciate it. > 2) Nginx has been very useful to me so far, so I thought you'd appreciate a > bug report. > > Posted on github, I have a problem description, section of a debug log, my > (slightly edited: flattened includes and stripped an IP) nginx.conf, a gdb > backtrace, and some additional information I was asked for when looking for > help on IRC. This is everything I've been able to come up with that sounds > plausibly relevant. > > https://gist.github.com/1574dbaf3a3dcda920a2 > > Any help? Could you please provide: 1. nginx -V output 2. Full debug log for '*60' connection (the one which triggered abort in glibc), the one you provided contatins only last part of the connection in question. Running grep -F ' 27772#0: *60 ' on original debug log should produce something useable. Maxim Dounin From ionathan at gmail.com Tue May 3 02:00:18 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Mon, 2 May 2011 19:00:18 -0300 Subject: reloading conf Message-ID: Hi! How reloading my conf can affect my running nginx instances that are under load? Just made a small test and I saw that some requests to the upstream are being lost. I am reloading the same configuration I had, didn't change anything. Is there any best practice on how to do it? how often? if I should avoid something in particular? etc... Thanks for your help! Jonathan -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue May 3 02:35:50 2011 From: nginx-forum at nginx.us (chiefops) Date: Mon, 02 May 2011 18:35:50 -0400 Subject: domain rewrite/redirect Message-ID: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> I have two different domains. One is a shortened url for referrals. I want to be able redirect the host name from the short url with parameters to the actual url. For example: abcd.com/123456 rewrite/redirect to efgh.com/referrals/123456 Initially I used a CNAME setup for adbcd.com to rewrite to efgh.com but that doesn't rewrite the domain name or url. Here's a short version of my setup with the rewrite rules I'm trying to use: http { server { listen 80; server_name abcd.com efgh.com; rewrite ^(.*) https://$host$1 permanent; } server { listen 443; server_name abcd.com efgh.com; if ($host ~* ^(efgh\.com)$ ) { rewrite ^/(.*)$ https://abcd.com/referrals/$ redirect; } } } The url on the user's browser after entering https://efgh.com/123456 should appear as https://abcd.com/referrals/123456. Currently, it's just rewriting. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195075,195075#msg-195075 From nginx-forum at nginx.us Tue May 3 03:05:04 2011 From: nginx-forum at nginx.us (chiefops) Date: Mon, 02 May 2011 19:05:04 -0400 Subject: domain rewrite/redirect In-Reply-To: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> References: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> Message-ID: I think I'm getting a bit further. I modified this a bit and its redirecting but not carrying the parameters. Here's the updated config: http { server { listen 80; server_name abcd.com; rewrite ^(.*) https://$host$1 permanent; } server { listen 80; server_name efgh.com; rewrite ^(.*) https://abcd.com/referrals/$1 redirect; } server { listen 443; server_name abcd.com; } server { listen 443; server efgh.com rewrite ^(.*) https://abcd.com/referrals/$1 permanent; } } } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195075,195084#msg-195084 From sweeks at imvu.com Tue May 3 03:45:13 2011 From: sweeks at imvu.com (Stephen Weeks) Date: Mon, 2 May 2011 16:45:13 -0700 Subject: Crash (double free or corruption) on trying to proxy to localhost In-Reply-To: <20110502210456.GH42265@mdounin.ru> References: <20110502210456.GH42265@mdounin.ru> Message-ID: Sure! I've added it to the post on github. I've slightly edited the log out of paranoia (replacing a customer ID and auth key). I can confirm now that I ran this proxy with the upstreamfair module overnight and it didn't crash at all. I can't get it to preferentially serve to localhost, though, as it doesn't support 'backup' as a server attribute, and doesn't seem to really use the weights, so that's suboptimal. Anything else I can add to help troubleshooting this? Anything you'd like from the core dump? On Mon, May 2, 2011 at 2:04 PM, Maxim Dounin wrote: > Hello! > > On Sun, May 01, 2011 at 05:54:17PM -0700, Stephen Weeks wrote: > > > I've currently got a pool of systems running nginx proxying to a pool of > > systems running apache. I'm trying to move to running nginx locally on > the > > apache hosts instead of separate systems to avoid the extra network hop, > > make more-efficient use of resources, and enable some future development > > (including migrating to running our application on nginx via fastcgi > instead > > of apache, ideally). we've currently got some significant architecture > > built up around apache, so converting right now is uncomfortable. > > > > Ideally, I'd like nginx to just serve from localhost, but fail over to > the > > rest of the pool when localhost in unavailable, so in my upstream I have > > every server except for localhost set as 'backup'. I'm otherwise running > > identical configurations of apache and nginx on a single system together > as > > used in the rest of the two pools. This works exactly as expected, > except > > that I get a few crashes of nginx workers every minute. This only > happens > > when proxying to the local system. If I proxy anywhere else, it works > > fine. Other proxies can serve from this system without trouble. I see > this > > same behaviour on other hosts when I build them the same way, so it's not > an > > error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, > running > > on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to > 127.0.0.1 > > or the host's local IP. I see this crash whether I'm listening on *:80 > or > > :80. I see this crash whether I'm connecting to :80 or > running > > apache on a different port and connecting to :81. I see this crash > whether > > I'm running ubuntu's "nginx-light" configuration, or their "nginx-full" > > configuration. I see no errors logged from apache. > > > > 1) I'd really love to make this work, so if there's anything else I can > try, > > any additional debugging information I can give, I'd appreciate it. > > 2) Nginx has been very useful to me so far, so I thought you'd appreciate > a > > bug report. > > > > Posted on github, I have a problem description, section of a debug log, > my > > (slightly edited: flattened includes and stripped an IP) nginx.conf, a > gdb > > backtrace, and some additional information I was asked for when looking > for > > help on IRC. This is everything I've been able to come up with that > sounds > > plausibly relevant. > > > > https://gist.github.com/1574dbaf3a3dcda920a2 > > > > Any help? > > Could you please provide: > > 1. nginx -V output > > 2. Full debug log for '*60' connection (the one which triggered > abort in glibc), the one you provided contatins only last part of > the connection in question. Running grep -F ' 27772#0: *60 ' on > original debug log should produce something useable. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue May 3 03:55:11 2011 From: nginx-forum at nginx.us (chiefops) Date: Mon, 02 May 2011 19:55:11 -0400 Subject: domain rewrite/redirect In-Reply-To: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> References: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> Message-ID: <7b57cba3f10768842326d51ac87ced5f.NginxMailingListEnglish@forum.nginx.org> Nevermind, got if fixed on my end. Simple, just had to reread the wiki: rewrite ^ https://abcd.com/referrals$request_uri? permanent; Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195075,195093#msg-195093 From mdounin at mdounin.ru Tue May 3 04:27:51 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 May 2011 04:27:51 +0400 Subject: reloading conf In-Reply-To: References: Message-ID: <20110503002750.GJ42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 07:00:18PM -0300, Jonathan Leibiusky wrote: > Hi! How reloading my conf can affect my running nginx instances that are > under load? While reloading nginx master process parses new configuration, starts new worker processes and instructs old worker processes to gracefully terminate (i.e. finish processing of all requests and then exit). This shouldn't affect anything but may require additional resources (mostly memory). If you don't have enough memory reload may be problematic operation, and it's generally good idea to make sure your running nginx doesn't consume more than half of your server memory under normal load (to make sure it will be possible to start additional worker processes on reload). > Just made a small test and I saw that some requests to the upstream are > being lost. I am reloading the same configuration I had, didn't change > anything. It's strange you see something being lost. Are you sure you actually did reload (i.e. sent SIGHUP to nginx master process)? > Is there any best practice on how to do it? how often? if I should avoid > something in particular? etc... General practice is to reload config when you've changed it. If you are doing reloads often - you may want to make sure previous reload was completed (i.e. old workers terminated) before doing another one (there is nothing fatal if it's not, but see above about resources). Please note that with some use cases (long-running requests, downloads and so on) reload may take several hours or even more. Maxim Dounin From ionathan at gmail.com Tue May 3 05:02:21 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Mon, 2 May 2011 22:02:21 -0300 Subject: reloading conf In-Reply-To: <20110503002750.GJ42265@mdounin.ru> References: <20110503002750.GJ42265@mdounin.ru> Message-ID: Thanks! I will check it again. In general my nginx instances have very low cpu and memory usage, way beneath 50%, probably around 10% or even less. And request in our app are avg 200 or 300 ms, so no long running requests. We are serving around 15k req/s on 5 nginx instances (instance=machine), so maybe we have something wrong in the conf or something. Anyway, now I understand how it works, so it shouldn't affect anything. Thanks again! Jonathan On 5/2/11, Maxim Dounin wrote: > Hello! > > On Mon, May 02, 2011 at 07:00:18PM -0300, Jonathan Leibiusky wrote: > >> Hi! How reloading my conf can affect my running nginx instances that are >> under load? > > While reloading nginx master process parses new configuration, > starts new worker processes and instructs old worker processes to > gracefully terminate (i.e. finish processing of all requests and > then exit). > > This shouldn't affect anything but may require additional > resources (mostly memory). If you don't have enough memory reload > may be problematic operation, and it's generally good idea to make > sure your running nginx doesn't consume more than half of your > server memory under normal load (to make sure it will be possible > to start additional worker processes on reload). > >> Just made a small test and I saw that some requests to the upstream are >> being lost. I am reloading the same configuration I had, didn't change >> anything. > > It's strange you see something being lost. Are you sure you > actually did reload (i.e. sent SIGHUP to nginx master process)? > >> Is there any best practice on how to do it? how often? if I should avoid >> something in particular? etc... > > General practice is to reload config when you've changed it. > > If you are doing reloads often - you may want to make sure > previous reload was completed (i.e. old workers terminated) before > doing another one (there is nothing fatal if it's not, but see > above about resources). Please note that with some use cases > (long-running requests, downloads and so on) reload may take > several hours or even more. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > From lists at ruby-forum.com Tue May 3 06:03:29 2011 From: lists at ruby-forum.com (Mike P.) Date: Tue, 03 May 2011 04:03:29 +0200 Subject: 502 errors, upstream sent too big header In-Reply-To: References: Message-ID: According to passenger's documentation, it doesn't appear that a directive exists to adjust any header size limitations. Also, Phusion's CTO doesn't mention any possible solution here regarding the same error: http://goo.gl/ZPXvO If there is no such adjustment that can be made via passenger to alleviate this error, is there also no possible solution within Nginx? Thanks! -- Posted via http://www.ruby-forum.com/. From igor at sysoev.ru Tue May 3 08:19:01 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 3 May 2011 08:19:01 +0400 Subject: 502 errors, upstream sent too big header In-Reply-To: References: Message-ID: <20110503041901.GA84770@sysoev.ru> On Mon, Apr 04, 2011 at 04:52:22PM -0400, Travis Derouin wrote: > We seem to be getting sporadic 502 errors, mostly when users are logging in. > We run a Mediawiki based website, are running nginx 0.9.5, php-fpm 5.3.5. > > The error: > > 2011/04/04 10:41:34 [error] 30517#0: *2143711 upstream sent too big header > while reading response header from upstream, client: 192.168.100.5, server: > _, request: "POST > /index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=Main-Page > HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.wikihow.com", > referrer: "http://www.wikihow.com/Special:Userlogin?returnto=Main-Page" > > Our nginx.conf proxy buffer settings: > > proxy_buffers 16 16k; > proxy_buffer_size 32k; > > We've tried increasing these values from the defaults a few times, and it > doesn't seem to fix the issue. > > Do you have any suggestions on how to fix this? fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; since you use fastcgi, but not proxy. -- Igor Sysoev From nginx-forum at nginx.us Tue May 3 10:09:45 2011 From: nginx-forum at nginx.us (moorthi) Date: Tue, 03 May 2011 02:09:45 -0400 Subject: nginx imaps auth_http cyrus In-Reply-To: <8599d7049c20a5f08721167b39775a44.NginxMailingListEnglish@forum.nginx.org> References: <4D73FB1E.3090104@alokat.org> <3f29c76ca3fec62ea3f4f3423b70de4e.NginxMailingListEnglish@forum.nginx.org> <8599d7049c20a5f08721167b39775a44.NginxMailingListEnglish@forum.nginx.org> Message-ID: <656fc93354f0009fb1ef5831e7369a2a.NginxMailingListEnglish@forum.nginx.org> auth_http script is working fine if i use pop/imap ports 110/143, if i use 993/995 it's not working Posted at Nginx Forum: http://forum.nginx.org/read.php?2,180902,195125#msg-195125 From cedric.jeanneret at camptocamp.com Tue May 3 11:44:48 2011 From: cedric.jeanneret at camptocamp.com (Cedric Jeanneret) Date: Tue, 3 May 2011 09:44:48 +0200 Subject: domain rewrite/redirect In-Reply-To: <7b57cba3f10768842326d51ac87ced5f.NginxMailingListEnglish@forum.nginx.org> References: <9846569c04e02f90d5435cd81c105ee3.NginxMailingListEnglish@forum.nginx.org> <7b57cba3f10768842326d51ac87ced5f.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110503094448.27d397f8@cholatse.wrk.lsn.camptocamp.com> On Mon, 02 May 2011 19:55:11 -0400 "chiefops" wrote: > Nevermind, got if fixed on my end. Simple, just had to reread the wiki: > > rewrite ^ https://abcd.com/referrals$request_uri? permanent; > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195075,195093#msg-195093 > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx Hello, You may also use HSTS headers to ensure your users use SSL instead of non-SSL. This won't replace the redirect, but the compatible browser will know on the next visit that it should use the SSL server only. It won't request the non-SSL part. More about HSTS: https://secure.wikimedia.org/wikipedia/en/wiki/HTTP_Strict_Transport_Security Cheers, C. -- C?dric Jeanneret | System Administrator 021 619 10 32 | Camptocamp SA cedric.jeanneret at camptocamp.com | PSE-A / EPFL www.camptocamp.com | www.github.com/camptocamp -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From mdounin at mdounin.ru Tue May 3 11:45:07 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 May 2011 11:45:07 +0400 Subject: 502 errors, upstream sent too big header In-Reply-To: References:

Message-ID: <20110503074507.GL42265@mdounin.ru> Hello! On Tue, May 03, 2011 at 04:03:29AM +0200, Mike P. wrote: > According to passenger's documentation, it doesn't appear that a > directive exists to adjust any header size limitations. > > Also, Phusion's CTO doesn't mention any possible solution here regarding > the same error: http://goo.gl/ZPXvO Ah, indeed: looking though code suggests they unconditionally set buffer size to pagesize and doesn't allow it to be changed. > If there is no such adjustment that can be made via passenger to > alleviate this error, is there also no possible solution within Nginx? You may consider using another module to talk to backends, standard proxy or fastcgi may be a good solution. Maxim Dounin From igor at sysoev.ru Tue May 3 13:10:55 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 3 May 2011 13:10:55 +0400 Subject: Using map and proxy_pass In-Reply-To: <201104301252.43466.markus.jelsma@openindex.io> References: <201104291748.48357.markus.jelsma@openindex.io> <201104301252.43466.markus.jelsma@openindex.io> Message-ID: <20110503091055.GE1707@sysoev.ru> On Sat, Apr 30, 2011 at 12:52:42PM +0200, Markus Jelsma wrote: > Too many. I need to generate the mappings in an external program. I'd rather > not generate as many different locations. Why ? locations without regex will run fast. -- Igor Sysoev From mscherer82 at gmail.com Tue May 3 15:01:53 2011 From: mscherer82 at gmail.com (mscherer82 at gmail.com) Date: Tue, 3 May 2011 13:01:53 +0200 Subject: multiple connections to a fastcgi server Message-ID: Hello, I want to build a fast cgi server application which can handle multiple simoultanous calls. I found the threaded.c (or threaded.pl) example in the fast cgi sdk. (http://www.fastcgi.com/devkit/examples/threaded.c) But when running with my current configuration, the webserver only opens one connection at time and the second requests is waiting until the first one is finished. I don't want to use multiplexing. It could be done through multiple connections. default: server { ... location ~ \.c$ { include /etc/nginx/fastcgi_params; #or whatever you named it # fastcgi_pass unix:/tmp/c.socket; fastcgi_pass 127.0.0.1:9000; } } Is it possible to change this behaviour? Thanks Marc From markus.jelsma at openindex.io Tue May 3 15:02:53 2011 From: markus.jelsma at openindex.io (Markus Jelsma) Date: Tue, 3 May 2011 13:02:53 +0200 Subject: Using map and proxy_pass In-Reply-To: <20110503091055.GE1707@sysoev.ru> References: <201104291748.48357.markus.jelsma@openindex.io> <201104301252.43466.markus.jelsma@openindex.io> <20110503091055.GE1707@sysoev.ru> Message-ID: <201105031302.53844.markus.jelsma@openindex.io> Thanks Francis and Igor. Is there are penalty for having a huge configuration because of a very large number of locations? On Tuesday 03 May 2011 11:10:55 Igor Sysoev wrote: > On Sat, Apr 30, 2011 at 12:52:42PM +0200, Markus Jelsma wrote: > > Too many. I need to generate the mappings in an external program. I'd > > rather not generate as many different locations. > > Why ? locations without regex will run fast. -- Markus Jelsma - CTO - Openindex http://www.linkedin.com/in/markus17 050-8536620 / 06-50258350 From mdounin at mdounin.ru Tue May 3 15:46:42 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 May 2011 15:46:42 +0400 Subject: Crash (double free or corruption) on trying to proxy to localhost In-Reply-To: References: <20110502210456.GH42265@mdounin.ru> Message-ID: <20110503114642.GN42265@mdounin.ru> Hello! On Mon, May 02, 2011 at 04:45:13PM -0700, Stephen Weeks wrote: > Sure! I've added it to the post on github. I've slightly edited the log > out of paranoia (replacing a customer ID and auth key). > > I can confirm now that I ran this proxy with the upstreamfair module > overnight and it didn't crash at all. I can't get it to preferentially > serve to localhost, though, as it doesn't support 'backup' as a server > attribute, and doesn't seem to really use the weights, so that's suboptimal. > > Anything else I can add to help troubleshooting this? Anything you'd like > from the core dump? Ok, thank you, it looks like I see the problem. Allocation for "tried" flags doesn't take into account number of backup servers, and if there are more backup servers than normal ones (and backup servers are in fact used) - this may cause memory corruption. Please try the attached patch. Maxim Dounin > > On Mon, May 2, 2011 at 2:04 PM, Maxim Dounin wrote: > > > Hello! > > > > On Sun, May 01, 2011 at 05:54:17PM -0700, Stephen Weeks wrote: > > > > > I've currently got a pool of systems running nginx proxying to a pool of > > > systems running apache. I'm trying to move to running nginx locally on > > the > > > apache hosts instead of separate systems to avoid the extra network hop, > > > make more-efficient use of resources, and enable some future development > > > (including migrating to running our application on nginx via fastcgi > > instead > > > of apache, ideally). we've currently got some significant architecture > > > built up around apache, so converting right now is uncomfortable. > > > > > > Ideally, I'd like nginx to just serve from localhost, but fail over to > > the > > > rest of the pool when localhost in unavailable, so in my upstream I have > > > every server except for localhost set as 'backup'. I'm otherwise running > > > identical configurations of apache and nginx on a single system together > > as > > > used in the rest of the two pools. This works exactly as expected, > > except > > > that I get a few crashes of nginx workers every minute. This only > > happens > > > when proxying to the local system. If I proxy anywhere else, it works > > > fine. Other proxies can serve from this system without trouble. I see > > this > > > same behaviour on other hosts when I build them the same way, so it's not > > an > > > error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, > > running > > > on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to > > 127.0.0.1 > > > or the host's local IP. I see this crash whether I'm listening on *:80 > > or > > > :80. I see this crash whether I'm connecting to :80 or > > running > > > apache on a different port and connecting to :81. I see this crash > > whether > > > I'm running ubuntu's "nginx-light" configuration, or their "nginx-full" > > > configuration. I see no errors logged from apache. > > > > > > 1) I'd really love to make this work, so if there's anything else I can > > try, > > > any additional debugging information I can give, I'd appreciate it. > > > 2) Nginx has been very useful to me so far, so I thought you'd appreciate > > a > > > bug report. > > > > > > Posted on github, I have a problem description, section of a debug log, > > my > > > (slightly edited: flattened includes and stripped an IP) nginx.conf, a > > gdb > > > backtrace, and some additional information I was asked for when looking > > for > > > help on IRC. This is everything I've been able to come up with that > > sounds > > > plausibly relevant. > > > > > > https://gist.github.com/1574dbaf3a3dcda920a2 > > > > > > Any help? > > > > Could you please provide: > > > > 1. nginx -V output > > > > 2. Full debug log for '*60' connection (the one which triggered > > abort in glibc), the one you provided contatins only last part of > > the connection in question. Running grep -F ' 27772#0: *60 ' on > > original debug log should produce something useable. > > > > Maxim Dounin > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx -------------- next part -------------- # HG changeset patch # User Maxim Dounin # Date 1304422854 -14400 # Node ID b7826a837aaf484462db58d64ec0d060ba8b92e5 # Parent 00d13b6d4ebd225f94a2e2a3afa7dbd3ddfe4ed7 Upstream: properly allocate memory for tried flags. Previous allocation only took into account number of non-backup servers, and this caused memory corruption with many backup servers. See report here: http://nginx.org/pipermail/nginx/2011-May/026531.html diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c --- a/src/http/ngx_http_upstream_round_robin.c +++ b/src/http/ngx_http_upstream_round_robin.c @@ -219,13 +219,18 @@ ngx_http_upstream_init_round_robin_peer( rrp->peers = us->peer.data; rrp->current = 0; - if (rrp->peers->number <= 8 * sizeof(uintptr_t)) { + n = rrp->peers->number; + + if (rrp->peers->next && rrp->peers->next->number > n) { + n = rrp->peers->next->number; + } + + if (n <= 8 * sizeof(uintptr_t)) { rrp->tried = &rrp->data; rrp->data = 0; } else { - n = (rrp->peers->number + (8 * sizeof(uintptr_t) - 1)) - / (8 * sizeof(uintptr_t)); + n = (n + (8 * sizeof(uintptr_t) - 1)) / (8 * sizeof(uintptr_t)); rrp->tried = ngx_pcalloc(r->pool, n * sizeof(uintptr_t)); if (rrp->tried == NULL) { From sweeks at imvu.com Tue May 3 16:00:03 2011 From: sweeks at imvu.com (Stephen Weeks) Date: Tue, 3 May 2011 05:00:03 -0700 Subject: Crash (double free or corruption) on trying to proxy to localhost In-Reply-To: <20110503114642.GN42265@mdounin.ru> References: <20110502210456.GH42265@mdounin.ru> <20110503114642.GN42265@mdounin.ru> Message-ID: I should be able to try this out tonight (>12 hours from now). I'll let you know how it works. Thanks for looking into this for me. On Tue, May 3, 2011 at 4:46 AM, Maxim Dounin wrote: > Hello! > > On Mon, May 02, 2011 at 04:45:13PM -0700, Stephen Weeks wrote: > > > Sure! I've added it to the post on github. I've slightly edited the log > > out of paranoia (replacing a customer ID and auth key). > > > > I can confirm now that I ran this proxy with the upstreamfair module > > overnight and it didn't crash at all. I can't get it to preferentially > > serve to localhost, though, as it doesn't support 'backup' as a server > > attribute, and doesn't seem to really use the weights, so that's > suboptimal. > > > > Anything else I can add to help troubleshooting this? Anything you'd > like > > from the core dump? > > Ok, thank you, it looks like I see the problem. > > Allocation for "tried" flags doesn't take into account number of > backup servers, and if there are more backup servers than normal > ones (and backup servers are in fact used) - this may cause memory > corruption. > > Please try the attached patch. > > Maxim Dounin > > > > > On Mon, May 2, 2011 at 2:04 PM, Maxim Dounin wrote: > > > > > Hello! > > > > > > On Sun, May 01, 2011 at 05:54:17PM -0700, Stephen Weeks wrote: > > > > > > > I've currently got a pool of systems running nginx proxying to a pool > of > > > > systems running apache. I'm trying to move to running nginx locally > on > > > the > > > > apache hosts instead of separate systems to avoid the extra network > hop, > > > > make more-efficient use of resources, and enable some future > development > > > > (including migrating to running our application on nginx via fastcgi > > > instead > > > > of apache, ideally). we've currently got some significant > architecture > > > > built up around apache, so converting right now is uncomfortable. > > > > > > > > Ideally, I'd like nginx to just serve from localhost, but fail over > to > > > the > > > > rest of the pool when localhost in unavailable, so in my upstream I > have > > > > every server except for localhost set as 'backup'. I'm otherwise > running > > > > identical configurations of apache and nginx on a single system > together > > > as > > > > used in the rest of the two pools. This works exactly as expected, > > > except > > > > that I get a few crashes of nginx workers every minute. This only > > > happens > > > > when proxying to the local system. If I proxy anywhere else, it > works > > > > fine. Other proxies can serve from this system without trouble. I > see > > > this > > > > same behaviour on other hosts when I build them the same way, so it's > not > > > an > > > > error with the host. I see this crash on 0.7.65, 0.8.54, and 1.0.0, > > > running > > > > on Ubuntu 10.04 LTS. I see this crash whether I'm connecting to > > > 127.0.0.1 > > > > or the host's local IP. I see this crash whether I'm listening on > *:80 > > > or > > > > :80. I see this crash whether I'm connecting to :80 or > > > running > > > > apache on a different port and connecting to :81. I see this crash > > > whether > > > > I'm running ubuntu's "nginx-light" configuration, or their > "nginx-full" > > > > configuration. I see no errors logged from apache. > > > > > > > > 1) I'd really love to make this work, so if there's anything else I > can > > > try, > > > > any additional debugging information I can give, I'd appreciate it. > > > > 2) Nginx has been very useful to me so far, so I thought you'd > appreciate > > > a > > > > bug report. > > > > > > > > Posted on github, I have a problem description, section of a debug > log, > > > my > > > > (slightly edited: flattened includes and stripped an IP) nginx.conf, > a > > > gdb > > > > backtrace, and some additional information I was asked for when > looking > > > for > > > > help on IRC. This is everything I've been able to come up with that > > > sounds > > > > plausibly relevant. > > > > > > > > https://gist.github.com/1574dbaf3a3dcda920a2 > > > > > > > > Any help? > > > > > > Could you please provide: > > > > > > 1. nginx -V output > > > > > > 2. Full debug log for '*60' connection (the one which triggered > > > abort in glibc), the one you provided contatins only last part of > > > the connection in question. Running grep -F ' 27772#0: *60 ' on > > > original debug log should produce something useable. > > > > > > Maxim Dounin > > > > > > _______________________________________________ > > > nginx mailing list > > > nginx at nginx.org > > > http://nginx.org/mailman/listinfo/nginx > > > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From igor at sysoev.ru Tue May 3 16:06:21 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 3 May 2011 16:06:21 +0400 Subject: Using map and proxy_pass In-Reply-To: <201105031302.53844.markus.jelsma@openindex.io> References: <201104291748.48357.markus.jelsma@openindex.io> <201104301252.43466.markus.jelsma@openindex.io> <20110503091055.GE1707@sysoev.ru> <201105031302.53844.markus.jelsma@openindex.io> Message-ID: <20110503120621.GT1707@sysoev.ru> On Tue, May 03, 2011 at 01:02:53PM +0200, Markus Jelsma wrote: > Thanks Francis and Igor. Is there are penalty for having a huge configuration > because of a very large number of locations? nginx uses some kind of binary tree to search locations, so penalty should be small. -- Igor Sysoev > On Tuesday 03 May 2011 11:10:55 Igor Sysoev wrote: > > On Sat, Apr 30, 2011 at 12:52:42PM +0200, Markus Jelsma wrote: > > > Too many. I need to generate the mappings in an external program. I'd > > > rather not generate as many different locations. > > > > Why ? locations without regex will run fast. > > -- > Markus Jelsma - CTO - Openindex > http://www.linkedin.com/in/markus17 > 050-8536620 / 06-50258350 From igor at sysoev.ru Tue May 3 16:15:58 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 3 May 2011 16:15:58 +0400 Subject: nginx-1.0.1 Message-ID: <20110503121558.GW1707@sysoev.ru> Changes with nginx 1.0.1 03 May 2011 *) Change: now the "split_clients" directive uses MurmurHash2 algorithm because of better distribution. Thanks to Oleg Mamontov. *) Change: now long strings starting with zero are not considered as false values. Thanks to Maxim Dounin. *) Change: now nginx uses a default listen backlog value 511 on Linux. *) Feature: the $upstream_... variables may be used in the SSI and perl modules. *) Bugfix: now nginx limits better disk cache size. Thanks to Oleg Mamontov. *) Bugfix: a segmentation fault might occur while parsing incorrect IPv4 address; the bug had appeared in 0.9.3. Thanks to Maxim Dounin. *) Bugfix: nginx could not be built by gcc 4.6 without --with-debug option. *) Bugfix: nginx could not be built on Solaris 9 and earlier; the bug had appeared in 0.9.3. Thanks to Dagobert Michelsen. *) Bugfix: $request_time variable had invalid values if subrequests were used; the bug had appeared in 0.8.47. Thanks to Igor A. Valcov. -- Igor Sysoev From mdounin at mdounin.ru Tue May 3 16:16:09 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 May 2011 16:16:09 +0400 Subject: multiple connections to a fastcgi server In-Reply-To: References: Message-ID: <20110503121608.GQ42265@mdounin.ru> Hello! On Tue, May 03, 2011 at 01:01:53PM +0200, mscherer82 at gmail.com wrote: > I want to build a fast cgi server application which can handle > multiple simoultanous calls. I found the threaded.c (or threaded.pl) > example in the fast cgi sdk. > (http://www.fastcgi.com/devkit/examples/threaded.c) > > But when running with my current configuration, the webserver only > opens one connection at time and the second requests is waiting until > the first one is finished. I don't want to use multiplexing. It could > be done through multiple connections. nginx will open as many connections to fastcgi backend as it has concurrent requests. If you see only one connection at a time - you may want to check fastcgi app and testing tools you are using, probably serialization of requests happens there. Maxim Dounin From igor at sysoev.ru Tue May 3 16:45:03 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 3 May 2011 16:45:03 +0400 Subject: How to get a 404 logged with try_files? In-Reply-To: References: Message-ID: <20110503124503.GZ1707@sysoev.ru> On Mon, May 02, 2011 at 10:22:50AM -0400, monster wrote: > Hi! Just started with Nginx after reading it reached 1.0. > Congratulation! > > I'm trying to get my test site to return a "missing image" icon when an > image is missing, but have a 404 logged so I know I messed up something. > I want to specify the images name without file extensions, in case I > move some from PNG to JPG, or the other way around. My problem is that > try_files doc says last path MUST exist. I would like last path to be > $uri and cause a 404, not a 500. Tried using error_page to convert 500 > to 404, but did not have any effect. Thanks for any advice! > > location ~ ^/img/[^\.]*$ { > try_files $uri.png $uri.jpg $uri.gif $uri; > error_page 500 =404 /img/missing; > } > > location /img/ { > error_page 404 /img/missing; > } > > location = /img/missing { > rewrite .* /img/icon/missing.png; > } location /img/ { error_page 404 /img/icon/missing.png; location ~ ^/img/[^\.]*$ { try_files $uri.png $uri.jpg $uri.gif $uri =404; } } location = /img/icon/missing.png { # nothing } -- Igor Sysoev From nginx-forum at nginx.us Tue May 3 18:24:54 2011 From: nginx-forum at nginx.us (darckos) Date: Tue, 03 May 2011 10:24:54 -0400 Subject: Nginx Slowdown on Solaris In-Reply-To: References: <5b962f75c896719f311e1758cf349b78.NginxMailingListEnglish@forum.nginx.org> <28809a5d0d94cff2d6f534f448399488.NginxMailingListEnglish@forum.nginx.org> Message-ID: <42399eb9b544e9cb55d74d80ca601475.NginxMailingListEnglish@forum.nginx.org> Hello, I just changed my config with option 3 and I feel like my nignx is better now. http://img232.imageshack.us/img232/5369/nginx.png My new config is : worker_processes 24; events { worker_connections 2048; devpoll_events 1; } http { include mime.types; default_type application/octet-stream; output_buffers 2 256k; keepalive_timeout 15; ... } Thanks for your help Posted at Nginx Forum: http://forum.nginx.org/read.php?2,194233,195256#msg-195256 From piotr.sikora at frickle.com Tue May 3 20:16:50 2011 From: piotr.sikora at frickle.com (Piotr Sikora) Date: Tue, 3 May 2011 18:16:50 +0200 Subject: FRiCKLE Labs & yo.se pres. ngx_cache_purge In-Reply-To: <8EB2CC25B0714F8B988CE183AE7BF6C9@Desktop> References: <07864ADE7B1B46B19DA043DF075AD211@nightmare> <8EB2CC25B0714F8B988CE183AE7BF6C9@Desktop> Message-ID: <2FF88DB4047D46DBB6B2CB508533EA85@Desktop> Version 1.3 is now available at: http://labs.frickle.com/nginx_ngx_cache_purge/ GitHub repository is available at: http://github.com/FRiCKLE/ngx_cache_purge/ Changes: 2011-05-03 VERSION 1.3 * Fix compatibility with nginx-1.0.1. Reported by Sergey A. Osokin and Markus Linnala. 2010-08-29 * Fix compatibility with nginx-0.8.0 and versions older than nginx-0.7.60. Best regards, Piotr Sikora < piotr.sikora at frickle.com > From piotr.sikora at frickle.com Tue May 3 21:15:54 2011 From: piotr.sikora at frickle.com (Piotr Sikora) Date: Tue, 3 May 2011 19:15:54 +0200 Subject: FRiCKLE Labs & C2Hosting pres. ngx_slowfs_cache In-Reply-To: <9598C25E2C214D3AB981B7163E0C967A@Desktop> References: <3F594E374AC64662B26C63FDACA6F09F@nightmare><5708F1AFE3324115B1591ACD4EE3775E@nightmare><491198975B004407BC79739160F49616@nightmare> <9598C25E2C214D3AB981B7163E0C967A@Desktop> Message-ID: <59110DA6D3684E28A1471E0452991D85@Desktop> Version 1.6 is now available at: http://labs.frickle.com/nginx_ngx_slowfs_cache/ GitHub repository is available at: http://github.com/FRiCKLE/ngx_slowfs_cache/ Changes: 2011-05-03 VERSION 1.6 * Fix compatibility with nginx-1.0.1. Reported by Sergey A. Osokin. 2011-04-21 * Stop doing sanity checks when module isn't enabled. Reported by Tobi Tamas. Best regards, Piotr Sikora < piotr.sikora at frickle.com > From nginx-forum at nginx.us Tue May 3 21:42:42 2011 From: nginx-forum at nginx.us (art.wu) Date: Tue, 03 May 2011 13:42:42 -0400 Subject: no server response in https Message-ID: I'm running 0.8.53 on QNX Neutrino 6.5.0 with SSL on and the server doesn't respond to the client. Instead it times out, as below. It does work properly with SSL off. Can you provide any suggestions? Thanks. 2011/05/02 09:39:57 [debug] 2220074#0: *7 http check ssl handshake 2011/05/02 09:39:57 [debug] 2220074#0: *7 https ssl handshake: 0x16 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_do_handshake: -1 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_get_error: 2 2011/05/02 09:39:57 [debug] 2220074#0: *7 post event 080E284C 2011/05/02 09:39:57 [debug] 2220074#0: *7 delete posted event 080E284C 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL handshake handler: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_do_handshake: 1 2011/05/02 09:39:57 [debug] 2220074#0: *7 select del event fd:3 ev:5 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL: TLSv1, cipher: "DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http process request line 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_read: -1 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_get_error: 2 2011/05/02 09:39:57 [debug] 2220074#0: *7 select add event fd:3 ev:5 2011/05/02 09:39:57 [debug] 2220074#0: *7 post event 080E284C 2011/05/02 09:39:57 [debug] 2220074#0: *7 delete posted event 080E284C 2011/05/02 09:39:57 [debug] 2220074#0: *7 http process request line 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_read: 132 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_read: -1 2011/05/02 09:39:57 [debug] 2220074#0: *7 SSL_get_error: 2 2011/05/02 09:39:57 [debug] 2220074#0: *7 http request line: "GET / HTTP/1.1" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http uri: "/" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http args: "" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http exten: "" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http process request header line 2011/05/02 09:39:57 [debug] 2220074#0: *7 http header: "User-Agent: curl/7.21.6 (amd64-pc-win32) libcurl/7.21.6 OpenSSL/0.9.8r zlib/1.2.5" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http header: "Host: 10.0.4.237" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http header: "Accept: */*" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http header done 2011/05/02 09:39:57 [debug] 2220074#0: *7 event timer del: 3: 2968566242 2011/05/02 09:39:57 [debug] 2220074#0: *7 rewrite phase: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 test location: "/" 2011/05/02 09:39:57 [debug] 2220074#0: *7 test location: ~ "\.cgi$" 2011/05/02 09:39:57 [debug] 2220074#0: *7 using configuration "/" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http cl:-1 max:1048576 2011/05/02 09:39:57 [debug] 2220074#0: *7 rewrite phase: 2 2011/05/02 09:39:57 [debug] 2220074#0: *7 post rewrite phase: 3 2011/05/02 09:39:57 [debug] 2220074#0: *7 generic phase: 4 2011/05/02 09:39:57 [debug] 2220074#0: *7 generic phase: 5 2011/05/02 09:39:57 [debug] 2220074#0: *7 access phase: 6 2011/05/02 09:39:57 [debug] 2220074#0: *7 access phase: 7 2011/05/02 09:39:57 [debug] 2220074#0: *7 post access phase: 8 2011/05/02 09:39:57 [debug] 2220074#0: *7 content phase: 9 2011/05/02 09:39:57 [debug] 2220074#0: *7 open index "/www/webdoc/index.html" 2011/05/02 09:39:57 [debug] 2220074#0: *7 internal redirect: "/index.html?" 2011/05/02 09:39:57 [debug] 2220074#0: *7 rewrite phase: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 test location: "/" 2011/05/02 09:39:57 [debug] 2220074#0: *7 test location: "50x.html" 2011/05/02 09:39:57 [debug] 2220074#0: *7 test location: ~ "\.cgi$" 2011/05/02 09:39:57 [debug] 2220074#0: *7 using configuration "/" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http cl:-1 max:1048576 2011/05/02 09:39:57 [debug] 2220074#0: *7 rewrite phase: 2 2011/05/02 09:39:57 [debug] 2220074#0: *7 post rewrite phase: 3 2011/05/02 09:39:57 [debug] 2220074#0: *7 generic phase: 4 2011/05/02 09:39:57 [debug] 2220074#0: *7 generic phase: 5 2011/05/02 09:39:57 [debug] 2220074#0: *7 access phase: 6 2011/05/02 09:39:57 [debug] 2220074#0: *7 access phase: 7 2011/05/02 09:39:57 [debug] 2220074#0: *7 post access phase: 8 2011/05/02 09:39:57 [debug] 2220074#0: *7 content phase: 9 2011/05/02 09:39:57 [debug] 2220074#0: *7 content phase: 10 2011/05/02 09:39:57 [debug] 2220074#0: *7 content phase: 11 2011/05/02 09:39:57 [debug] 2220074#0: *7 http filename: "/www/webdoc/index.html" 2011/05/02 09:39:57 [debug] 2220074#0: *7 add cleanup: 080F9748 2011/05/02 09:39:57 [debug] 2220074#0: *7 http static fd: 4 2011/05/02 09:39:57 [debug] 2220074#0: *7 http set discard body 2011/05/02 09:39:57 [debug] 2220074#0: *7 HTTP/1.1 200 OK Server: nginx/0.8.53 Date: Mon, 02 May 2011 13:39:57 GMT Content-Type: text/html Content-Length: 5222 Last-Modified: Wed, 27 Apr 2011 20:25:09 GMT Connection: keep-alive Accept-Ranges: bytes 2011/05/02 09:39:57 [debug] 2220074#0: *7 write new buf t:1 f:0 080F981C, pos 080F981C, size: 217 file: 0, size: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 http write filter: l:0 f:0 s:217 2011/05/02 09:39:57 [debug] 2220074#0: *7 http output filter "/index.html?" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http copy filter: "/index.html?" 2011/05/02 09:39:57 [debug] 2220074#0: *7 malloc: 0814BB80:5222 2011/05/02 09:39:57 [debug] 2220074#0: *7 read: 4, 0814BB80, 5222, 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 http postpone filter "/index.html?" 080F9974 2011/05/02 09:39:57 [debug] 2220074#0: *7 write old buf t:1 f:0 080F981C, pos 080F981C, size: 217 file: 0, size: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 write new buf t:1 f:0 0814BB80, pos 0814BB80, size: 5222 file: 0, size: 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 http write filter: l:1 f:0 s:5439 2011/05/02 09:39:57 [debug] 2220074#0: *7 http write filter limit 0 2011/05/02 09:39:57 [debug] 2220074#0: *7 posix_memalign: 080E1370:256 @16 2011/05/02 09:39:57 [debug] 2220074#0: *7 malloc: 080FCFF0:16384 2011/05/02 09:39:57 [debug] 2220074#0: *7 http write filter 080F98FC 2011/05/02 09:39:57 [debug] 2220074#0: *7 http copy filter: -2 "/index.html?" 2011/05/02 09:39:57 [debug] 2220074#0: *7 http finalize request: -2, "/index.html?" a:1, c:2 2011/05/02 09:39:57 [debug] 2220074#0: *7 event timer add: 3: 60000:2968566732 2011/05/02 09:39:57 [debug] 2220074#0: *7 http finalize request: -4, "/index.html?" a:1, c:2 2011/05/02 09:39:57 [debug] 2220074#0: *7 http request count:2 blk:0 2011/05/02 09:40:57 [debug] 2220074#0: *7 event timer del: 3: 2968566732 2011/05/02 09:40:57 [debug] 2220074#0: *7 http run request: "/index.html?" 2011/05/02 09:40:57 [debug] 2220074#0: *7 http writer handler: "/index.html?" 2011/05/02 09:40:57 [info] 2220074#0: *7 client timed out (260: Connection timed out) while sending response to client, client: 10.0.4.118, server: tf2000, request: "GET / HTTP/1.1", host: "10.0.4.237" 2011/05/02 09:40:57 [debug] 2220074#0: *7 http finalize request: 408, "/index.html?" a:1, c:1 2011/05/02 09:40:57 [debug] 2220074#0: *7 http terminate request count:1 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195329,195329#msg-195329 From lists at ruby-forum.com Wed May 4 01:00:52 2011 From: lists at ruby-forum.com (Mike P.) Date: Tue, 03 May 2011 23:00:52 +0200 Subject: 502 errors, upstream sent too big header In-Reply-To: References: Message-ID: <706c3a2663e40773c575d47b54ec69aa@ruby-forum.com> Maxim, Thanks! This makes a lot more sense now. I'll pursue a resolution with passenger at this time. Hopefully this is something that they can eventually resolve with a future release. Mike P. -- Posted via http://www.ruby-forum.com/. From kworthington at gmail.com Wed May 4 06:36:02 2011 From: kworthington at gmail.com (Kevin Worthington) Date: Tue, 3 May 2011 22:36:02 -0400 Subject: Nginx-1.0.1 for Windows 32-bit and 64-bit now available Message-ID: For those interested, Cygwin based versions of Nginx for Windows (both 32-bit and 64-bit) builds are available here: http://www.kevinworthington.com/nginx-for-windows/ Blog post/announcement: http://www.kevinworthington.com/nginx-101-windows/ Cygwin is NOT required on your system to run this version; all needed files are included. Please note that I have been providing Cygwin based builds since before official Windows builds were made available. It's mostly to support folks already using the builds. Thank you, Kevin -- Kevin Worthington http://www.kevinworthington.com/ From agentzh at gmail.com Wed May 4 06:54:08 2011 From: agentzh at gmail.com (agentzh) Date: Wed, 4 May 2011 10:54:08 +0800 Subject: Catch ALL requests by LUA-script In-Reply-To: <90c728b1bd4f045a01171963ba75b30f.NginxMailingListEnglish@forum.nginx.org> References: <90c728b1bd4f045a01171963ba75b30f.NginxMailingListEnglish@forum.nginx.org> Message-ID: On Mon, May 2, 2011 at 12:11 PM, HowToMeetLadies wrote: > Maybe slightly off-topic but then maybe it is useful for you (andiL) or > someone else. > Your feedback is always welcome! Sorry for the delay on my side for I was enjoying my vocation in the Fuzhou city in the southern region of China in the last few days :) > Before i start, @agentzh: every ?nth request, one of nginx > (0.8.54.4rc2-jit2beta6) worker processes segfaults, is this behaviour > related to the pcre issue? have not patched it yet.. ah and thank you > *very* much for giving nginx this all new powers!! ((: > What's your operating system? We used to observe similar periodic segfaults with exactly the same version of ngx_openresty on RedHat Enterprise Linux (RHEL) 5.4 in production but now all is fine after we switched LuaJIT to a more recent git HEAD version which includes an important work-around for an old libgcc bug explained here in the lua-l mailing list: http://lua-users.org/lists/lua-l/2011-03/msg00576.html I'll make a new release of ngx_openresty to include a new version of LuaJIT as well as some other modules' updates like ngx_lua's and ngx_srcache's. I'll inform you here when I'm done. Also, it'll be very appreciated if you can obtain a gdb backtrace for your segfaults so that we can look at the details ;) > Ok, im a long time nginx/redis/ruby user and this are my first steps > with lua and a lightweight (M)VC framework around three core "classes", > which uses haml for templates/layout and markdown for text processing (5 > minute ffi discount binding), drizzle and redis for data and redis also > for caching. Successfully running a little app with it. yay! *.* For now > i can give you some snippets just to show some basic aspects, ill > release a fully working example sometime soon, if the segfaults doesnt > belong to the pcre-issue ill try to debug that too. > Oh, that's awesome :) > > Below ill use luasql, instead you can use > ngx.location.capture("/some-internal-rds-json") and lua-yajl, but this > approach ends as soon as you want INSERT followed by LAST_INSERT_ID() or > other complex queries/transactions (as long as libdrizzle has no support > for multiple queries, maybe this is not the best option to go with, ive > tried alternatives and workarounds, but for now this is what *I* want). > The luasql library will certainly block nginx worker processes. Please dont' use that. I know libdrizzle is very limited in terms of functionality and it's *not* maintained very well. We'll start a completely new nginx upstream modules for mysql named ngx_mysql by implementing a non-blocking full-fledged highly-optimized mysql client from scratch. I'd love to see it happen this year ;) Another direction we're taking is to introduce the "cosocket" mechanism into ngx_lua such that one can use a *synchronous* Lua socket API that is transparently *asynchronous* and *non-blocking* on the nginx C level. Atop that, we can build pure-Lua non-blocking mysql client driver and thus putting everything onto the Lua land and no longer need to mess up the nginx.conf file and nginx subrequests. I'd also want to see it happen by this Christmas ;) > At the moment i do not need an ORM for my data, but have already done > some functions for both rds_json and luasql. redis has some commands > exposed in nginx.conf for easy access with lua (: The core classes: > > Request; which contains several ngx.var wrappers (for nil instead of '' > for empty keys), present(str), simple cookie/session/login, before/after > filters, haml/markdown rendering, etc.. > > MethodRequest < Request; which calls functions for HTTP Methods aka GET, > POST alike.. > and finally Resource < MethodRequest; which has an > Rails-ActionController-like interface. > The high-level abstraction for ngx_lua is excellent! We're taking a slightly different approach along the line in our web applications: http://agentzh.org/misc/nginx/lzsql-manual.html We're using a DSL (Domain Specific Language) compiler that emits Lua code and business logic is mostly implemented in this DSL. It's targeting our business though, not meant to be useful for general web application development (yet). Thanks for sharing! -agentzh From nginx-forum at nginx.us Wed May 4 07:10:53 2011 From: nginx-forum at nginx.us (stalkercn) Date: Tue, 03 May 2011 23:10:53 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: anyone can help me? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195465#msg-195465 From lists at ruby-forum.com Wed May 4 09:24:37 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Wed, 04 May 2011 07:24:37 +0200 Subject: limit connection Message-ID: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Hello, I want to limit the number of connection per hour from IP range. For example, I want to limit every hour, each IP can only visit our website for 5 times. How can I write the config? There is limit_req, which limit the connection rate, used for DDos control. But it is different from my requirement. Thanks, Yanxin -- Posted via http://www.ruby-forum.com/. From caldcv at gmail.com Wed May 4 09:27:57 2011 From: caldcv at gmail.com (Chris) Date: Wed, 4 May 2011 01:27:57 -0400 Subject: limit connection In-Reply-To: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: You might be better off researching a solution with iptables On 5/4/11, Yanxin Z. wrote: > Hello, > I want to limit the number of connection per hour from IP range. > > For example, I want to limit every hour, each IP can only visit our > website for 5 times. > > How can I write the config? > > There is limit_req, which limit the connection rate, used for DDos > control. > But it is different from my requirement. > > Thanks, > Yanxin > > -- > Posted via http://www.ruby-forum.com/. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -- --C "The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton From igor at sysoev.ru Wed May 4 10:26:50 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 4 May 2011 10:26:50 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110504062650.GA57647@sysoev.ru> On Tue, May 03, 2011 at 11:10:53PM -0400, stalkercn wrote: > anyone can help me? Could you show "nginx -V" output ? -- Igor Sysoev From igor at sysoev.ru Wed May 4 15:08:17 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 4 May 2011 15:08:17 +0400 Subject: POSIX semaphores patch Message-ID: <20110504110817.GE72381@sysoev.ru> The attache patch enables POSIX semaphores usage during shared memory access. It should decrease CPU usage on start-up or online upgrade of installations with large caches or large number of workers. I tested the patch on FreeBSD 8.2. There is no sense to test it on FreeBSD prior to 7.2 version, since semaphores does not work on these systems. You can ensure that there are enough semaphores: sysctl p1003_1b.sem_nsems_max By default there should be 32 semaphores. On 8.2+ you can increase them dynamically. You need one semaphores per shared zone. "sysctl p1003_1b.nsems" shows current number of semaphores. It would be intresting to test the patch on other platforms - Linux and Solaris. Please draw attention to alerts in error_log. Note also that nginx does not destroy semaphores on exit. They should deleted by kernel automatically. Please check that there is no semaphore leakage while nginx work. -- Igor Sysoev -------------- next part -------------- Index: src/event/ngx_event.c =================================================================== --- src/event/ngx_event.c (revision 3907) +++ src/event/ngx_event.c (working copy) @@ -519,6 +519,7 @@ shared = shm.addr; ngx_accept_mutex_ptr = (ngx_atomic_t *) shared; + ngx_accept_mutex.spin = (ngx_uint_t) -1; if (ngx_shmtx_create(&ngx_accept_mutex, shared, cycle->lock_file.data) != NGX_OK) Index: src/os/unix/ngx_posix_config.h =================================================================== --- src/os/unix/ngx_posix_config.h (revision 3907) +++ src/os/unix/ngx_posix_config.h (working copy) @@ -96,6 +96,11 @@ #include +#if (NGX_HAVE_POSIX_SEM) +#include +#endif + + #if (NGX_HAVE_POLL) #include #endif Index: src/os/unix/ngx_linux_config.h =================================================================== --- src/os/unix/ngx_linux_config.h (revision 3907) +++ src/os/unix/ngx_linux_config.h (working copy) @@ -58,6 +58,11 @@ #include +#if (NGX_HAVE_POSIX_SEM) +#include +#endif + + #if (NGX_HAVE_SYS_PRCTL_H) #include #endif Index: src/os/unix/ngx_freebsd_config.h =================================================================== --- src/os/unix/ngx_freebsd_config.h (revision 3907) +++ src/os/unix/ngx_freebsd_config.h (working copy) @@ -68,6 +68,11 @@ #include +#if (NGX_HAVE_POSIX_SEM) +#include +#endif + + #if (NGX_HAVE_POLL) #include #endif Index: src/os/unix/ngx_solaris_config.h =================================================================== --- src/os/unix/ngx_solaris_config.h (revision 3907) +++ src/os/unix/ngx_solaris_config.h (working copy) @@ -57,6 +57,11 @@ #include +#if (NGX_HAVE_POSIX_SEM) +#include +#endif + + #if (NGX_HAVE_POLL) #include #endif Index: src/os/unix/ngx_darwin_config.h =================================================================== --- src/os/unix/ngx_darwin_config.h (revision 3907) +++ src/os/unix/ngx_darwin_config.h (working copy) @@ -56,6 +56,11 @@ #include +#if (NGX_HAVE_POSIX_SEM) +#include +#endif + + #if (NGX_HAVE_POLL) #include #endif Index: src/core/ngx_shmtx.c =================================================================== --- src/core/ngx_shmtx.c (revision 3907) +++ src/core/ngx_shmtx.c (working copy) @@ -16,9 +16,160 @@ { mtx->lock = addr; + if (mtx->spin == (ngx_uint_t) -1) { + return NGX_OK; + } + + mtx->spin = 2048; + +#if (NGX_HAVE_POSIX_SEM) + + if (sem_init(&mtx->sem, 1, 0) == -1) { + ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno, + "sem_init() failed"); + } else { + mtx->semaphore = 1; + } + +#endif + return NGX_OK; } + +void +ngx_shmtx_destory(ngx_shmtx_t *mtx) +{ +#if (NGX_HAVE_POSIX_SEM) + + if (mtx->semaphore) { + if (sem_destroy(&mtx->sem) == -1) { + ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno, + "sem_destroy() failed"); + } + } + +#endif +} + + +ngx_uint_t +ngx_shmtx_trylock(ngx_shmtx_t *mtx) +{ + ngx_atomic_uint_t val; + + val = *mtx->lock; + + return ((val & 0x80000000) == 0 + && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000)); +} + + +void +ngx_shmtx_lock(ngx_shmtx_t *mtx) +{ + ngx_uint_t i, n; + ngx_atomic_uint_t val; + + ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx lock"); + + for ( ;; ) { + + val = *mtx->lock; + + if ((val & 0x80000000) == 0 + && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000)) + { + return; + } + + if (ngx_ncpu > 1) { + + for (n = 1; n < mtx->spin; n <<= 1) { + + for (i = 0; i < n; i++) { + ngx_cpu_pause(); + } + + val = *mtx->lock; + + if ((val & 0x80000000) == 0 + && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000)) + { + return; + } + } + } + +#if (NGX_HAVE_POSIX_SEM) + + if (mtx->semaphore) { + val = *mtx->lock; + + if ((val & 0x80000000) + && ngx_atomic_cmp_set(mtx->lock, val, val + 1)) + { + ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, + "shmtx wait %XA", val); + + if (sem_wait(&mtx->sem) == -1) { + ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno, + "sem_wait() failed while waiting on shmtx"); + } + + ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, + "shmtx awoke"); + + continue; + } + } + +#endif + + ngx_sched_yield(); + } +} + + +void +ngx_shmtx_unlock(ngx_shmtx_t *mtx) +{ + ngx_atomic_uint_t val, old, wait; + + if (mtx->spin != (ngx_uint_t) -1) { + ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx unlock"); + } + + for ( ;; ) { + + old = *mtx->lock; + wait = old & 0x7fffffff; + val = wait ? wait - 1 : 0; + + if (ngx_atomic_cmp_set(mtx->lock, old, val)) { + break; + } + } + +#if (NGX_HAVE_POSIX_SEM) + { + + if (wait == 0 || !mtx->semaphore) { + return; + } + + ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, + "shmtx wake %XA", old); + + if (sem_post(&mtx->sem) == -1) { + ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno, + "sem_post() failed while wake shmtx"); + } + } +#endif +} + + #else @@ -65,4 +216,62 @@ } +ngx_uint_t +ngx_shmtx_trylock(ngx_shmtx_t *mtx) +{ + ngx_err_t err; + + err = ngx_trylock_fd(mtx->fd); + + if (err == 0) { + return 1; + } + + if (err == NGX_EAGAIN) { + return 0; + } + +#if __osf__ /* Tru64 UNIX */ + + if (err == NGX_EACCESS) { + return 0; + } + #endif + + ngx_log_abort(err, ngx_trylock_fd_n " %s failed", mtx->name); + + return 0; +} + + +void +ngx_shmtx_lock(ngx_shmtx_t *mtx) +{ + ngx_err_t err; + + err = ngx_lock_fd(mtx->fd); + + if (err == 0) { + return; + } + + ngx_log_abort(err, ngx_lock_fd_n " %s failed", mtx->name); +} + + +void +ngx_shmtx_unlock(ngx_shmtx_t *mtx) +{ + ngx_err_t err; + + err = ngx_unlock_fd(mtx->fd); + + if (err == 0) { + return; + } + + ngx_log_abort(err, ngx_unlock_fd_n " %s failed", mtx->name); +} + +#endif Index: src/core/ngx_shmtx.h =================================================================== --- src/core/ngx_shmtx.h (revision 3907) +++ src/core/ngx_shmtx.h (working copy) @@ -15,95 +15,23 @@ typedef struct { #if (NGX_HAVE_ATOMIC_OPS) ngx_atomic_t *lock; +#if (NGX_HAVE_POSIX_SEM) + ngx_uint_t semaphore; + sem_t sem; +#endif #else ngx_fd_t fd; u_char *name; #endif + ngx_uint_t spin; } ngx_shmtx_t; ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name); - - -#if (NGX_HAVE_ATOMIC_OPS) - -static ngx_inline ngx_uint_t -ngx_shmtx_trylock(ngx_shmtx_t *mtx) -{ - return (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)); -} - -#define ngx_shmtx_lock(mtx) ngx_spinlock((mtx)->lock, ngx_pid, 1024) - -#define ngx_shmtx_unlock(mtx) (void) ngx_atomic_cmp_set((mtx)->lock, ngx_pid, 0) - -#define ngx_shmtx_destory(mtx) - - -#else - -static ngx_inline ngx_uint_t -ngx_shmtx_trylock(ngx_shmtx_t *mtx) -{ - ngx_err_t err; - - err = ngx_trylock_fd(mtx->fd); - - if (err == 0) { - return 1; - } - - if (err == NGX_EAGAIN) { - return 0; - } - -#if __osf__ /* Tru64 UNIX */ - - if (err == NGX_EACCESS) { - return 0; - } - -#endif - - ngx_log_abort(err, ngx_trylock_fd_n " %s failed", mtx->name); - - return 0; -} - - -static ngx_inline void -ngx_shmtx_lock(ngx_shmtx_t *mtx) -{ - ngx_err_t err; - - err = ngx_lock_fd(mtx->fd); - - if (err == 0) { - return; - } - - ngx_log_abort(err, ngx_lock_fd_n " %s failed", mtx->name); -} - - -static ngx_inline void -ngx_shmtx_unlock(ngx_shmtx_t *mtx) -{ - ngx_err_t err; - - err = ngx_unlock_fd(mtx->fd); - - if (err == 0) { - return; - } - - ngx_log_abort(err, ngx_unlock_fd_n " %s failed", mtx->name); -} - - void ngx_shmtx_destory(ngx_shmtx_t *mtx); +ngx_uint_t ngx_shmtx_trylock(ngx_shmtx_t *mtx); +void ngx_shmtx_lock(ngx_shmtx_t *mtx); +void ngx_shmtx_unlock(ngx_shmtx_t *mtx); -#endif - #endif /* _NGX_SHMTX_H_INCLUDED_ */ Index: auto/os/freebsd =================================================================== --- auto/os/freebsd (revision 3907) +++ auto/os/freebsd (working copy) @@ -49,7 +49,16 @@ have=NGX_HAVE_AIO_SENDFILE . auto/have fi +# POSIX semaphores +# http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/127545 +if [ $osreldate -ge 701106 ]; then + echo " + POSIX semaphores should work" +else + have=NGX_HAVE_POSIX_SEM . auto/nohave +fi + + # kqueue if [ $ $osreldate -lt 500000 -a $osreldate -ge 410000 $ \ Index: auto/unix =================================================================== --- auto/unix (revision 3907) +++ auto/unix (working copy) @@ -234,6 +234,18 @@ . auto/feature +ngx_feature="POSIX semaphores" +ngx_feature_name="NGX_HAVE_POSIX_SEM" +ngx_feature_run=yes +ngx_feature_incs="#include " +ngx_feature_path= +ngx_feature_libs= +ngx_feature_test="sem_t sem; + if (sem_init(&sem, 1, 0) == -1) return 1; + sem_destroy(&sem);" +. auto/feature + + ngx_feature="struct msghdr.msg_control" ngx_feature_name="NGX_HAVE_MSGHDR_MSG_CONTROL" ngx_feature_run=no From nginx-forum at nginx.us Wed May 4 15:09:21 2011 From: nginx-forum at nginx.us (burn) Date: Wed, 04 May 2011 07:09:21 -0400 Subject: not working without aio Message-ID: If you install nginx compiled with aio support on non-aio enabled kernel, it doesn't work: 2011/04/15 11:46:25 [emerg] 18942#0: io_setup() failed (1: Operation not permitted) 2011/04/15 11:46:25 [alert] 18938#0: worker process 18942 exited with fatal code 2 and can not be respawn All workers die, only master process remains, requests aren't served Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195522,195522#msg-195522 From kgorlo at gmail.com Wed May 4 15:25:38 2011 From: kgorlo at gmail.com (Kamil Gorlo) Date: Wed, 4 May 2011 13:25:38 +0200 Subject: Load balancing based on part of url or header Message-ID: Hi guys, is this possible to have similar feature as ip_hash but not based on IP address but on some part of request url (or header)? Cheers, -- Kamil Gorlo From mdounin at mdounin.ru Wed May 4 15:27:33 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 4 May 2011 15:27:33 +0400 Subject: not working without aio In-Reply-To: References: Message-ID: <20110504112733.GT42265@mdounin.ru> Hello! On Wed, May 04, 2011 at 07:09:21AM -0400, burn wrote: > If you install nginx compiled with aio support on non-aio enabled > kernel, it doesn't work: > > 2011/04/15 11:46:25 [emerg] 18942#0: io_setup() failed (1: Operation not > permitted) > 2011/04/15 11:46:25 [alert] 18938#0: worker process 18942 exited with > fatal code 2 and can not be respawn > > All workers die, only master process remains, requests aren't served You have to recompile nginx without aio. Run-time fallback isn't currently supported. Maxim Dounin From mdounin at mdounin.ru Wed May 4 15:28:29 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 4 May 2011 15:28:29 +0400 Subject: Load balancing based on part of url or header In-Reply-To: References: Message-ID: <20110504112828.GU42265@mdounin.ru> Hello! On Wed, May 04, 2011 at 01:25:38PM +0200, Kamil Gorlo wrote: > Hi guys, > > is this possible to have similar feature as ip_hash but not based on > IP address but on some part of request url (or header)? There are 3rd party modules available which do this, check wiki. Maxim Dounin From lists at ruby-forum.com Wed May 4 19:38:56 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Wed, 04 May 2011 17:38:56 +0200 Subject: limit connection In-Reply-To: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: Thanks Chris. Do you have example I can refer? Yanxin -- Posted via http://www.ruby-forum.com/. From caldcv at gmail.com Wed May 4 20:36:39 2011 From: caldcv at gmail.com (Chris) Date: Wed, 4 May 2011 12:36:39 -0400 Subject: limit connection In-Reply-To: References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: Many are available online in regards to SSH limiting however you have to put in IP ranges of people you do not want to limit, which could be very hard. What exactly are you trying to do? On 5/4/11, Yanxin Z. wrote: > Thanks Chris. > Do you have example I can refer? > Yanxin > > -- > Posted via http://www.ruby-forum.com/. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -- --C "The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton From clanherb at gmail.com Wed May 4 22:59:21 2011 From: clanherb at gmail.com (=?UTF-8?B?5p2o6ZWt?=) Date: Thu, 5 May 2011 02:59:21 +0800 Subject: question about the context of map directive Message-ID: Hi, The context of map directive is *http* as documented on wiki.nginx.org. This means all the requests will go through the map filter phase. This is not ideal when you have many virtual hosts. For example, we've 50+ virtual hosts. When one of them need map variables, the others automatically inherited those settings because there is no way to limit it to server context. If this is the situation, can someone know the internals of nginx explain why the map module can't work at server level. Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brian.Akins at turner.com Wed May 4 23:03:33 2011 From: Brian.Akins at turner.com (Akins, Brian) Date: Wed, 04 May 2011 15:03:33 -0400 Subject: Lua pcre inside nginx Message-ID: I wanted to use pcre inside a lua script using rex_pcre. However, I always get the error: failed to get memory (pattern offset: 15) The snippet of code always works in a standalone script. Ideas? -- Brian Akins From igor at sysoev.ru Wed May 4 23:10:00 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 4 May 2011 23:10:00 +0400 Subject: question about the context of map directive In-Reply-To: References: Message-ID: <20110504191000.GA96440@sysoev.ru> On Thu, May 05, 2011 at 02:59:21AM +0800, ?? wrote: > Hi, > > The context of map directive is *http* as documented on wiki.nginx.org. This > means all the requests will go through the map filter phase. > This is not ideal when you have many virtual hosts. > > For example, we've 50+ virtual hosts. When one of them need map variables, > the others automatically inherited those settings because there is no way to > limit it to server context. > > If this is the situation, can someone know the internals of nginx explain > why the map module can't work at server level. > Thanks. The most nginx directives are declarative. This means that nginx looks up a map only when it needs a variable value defined via the map. There are directives that are really executed: "rewrite" and "if". Avoid them. -- Igor Sysoev From nginx-forum at nginx.us Wed May 4 23:10:38 2011 From: nginx-forum at nginx.us (art.wu) Date: Wed, 04 May 2011 15:10:38 -0400 Subject: no server response in https In-Reply-To: References: Message-ID: <0338c925ce50fa5f3695412caf42853a.NginxMailingListEnglish@forum.nginx.org> There was no response from the server (no 408 received by client). Thanks for your help. config: user nginx nginx; worker_processes 1; events { worker_connections 256; } http { include /usr/pkg/etc/nginx/mime.types; default_type application/octet-stream; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log debug; sendfile on; keepalive_timeout 65; # HTTPS server # server { listen 443; server_name tf2000; ssl on; ssl_certificate /x509/server.crt; ssl_certificate_key /x509/server.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; location / { root /www/webdoc; index index.html index.htm; } } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195329,195629#msg-195629 From igor at sysoev.ru Wed May 4 23:15:22 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 4 May 2011 23:15:22 +0400 Subject: question about the context of map directive In-Reply-To: <20110504191000.GA96440@sysoev.ru> References: <20110504191000.GA96440@sysoev.ru> Message-ID: <20110504191522.GC96440@sysoev.ru> On Wed, May 04, 2011 at 11:10:00PM +0400, Igor Sysoev wrote: > On Thu, May 05, 2011 at 02:59:21AM +0800, ?? wrote: > > Hi, > > > > The context of map directive is *http* as documented on wiki.nginx.org. This > > means all the requests will go through the map filter phase. > > This is not ideal when you have many virtual hosts. > > > > For example, we've 50+ virtual hosts. When one of them need map variables, > > the others automatically inherited those settings because there is no way to > > limit it to server context. > > > > If this is the situation, can someone know the internals of nginx explain > > why the map module can't work at server level. > > Thanks. > > The most nginx directives are declarative. This means that nginx > looks up a map only when it needs a variable value defined via the map. > There are directives that are really executed: "rewrite" and "if". > Avoid them. Also "set" and "break". -- Igor Sysoev From mdounin at mdounin.ru Thu May 5 00:35:47 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 5 May 2011 00:35:47 +0400 Subject: question about the context of map directive In-Reply-To: References: Message-ID: <20110504203547.GX42265@mdounin.ru> Hello! On Thu, May 05, 2011 at 02:59:21AM +0800, ?? wrote: > Hi, > > The context of map directive is *http* as documented on wiki.nginx.org. This Yes. > means all the requests will go through the map filter phase. No. Map directive creates a variable and only does something when (and if) the variable is accessed. There is no performance penalty for processing requests which doesn't use the variable. > This is not ideal when you have many virtual hosts. > > For example, we've 50+ virtual hosts. When one of them need map variables, > the others automatically inherited those settings because there is no way to > limit it to server context. > > If this is the situation, can someone know the internals of nginx explain > why the map module can't work at server level. Changing map module to provide data based on per-server configs is possible, but obviously will require extra code. Maxim Dounin From pasik at iki.fi Thu May 5 01:15:50 2011 From: pasik at iki.fi (Pasi =?iso-8859-1?Q?K=E4rkk=E4inen?=) Date: Thu, 5 May 2011 00:15:50 +0300 Subject: nginx proxying do not locally save/buffer uploaded files? Message-ID: <20110504211549.GL32595@reaktio.net> Hello, I'm running nginx as a proxy in front of some backend servers, and while uploading files (HTTP PUT) nginx seems to buffer the files to local disk. This is not a possible method for this setup, because some of the files are so big that they won't fit to the local disk of the nginx box. Is there an option to disable this behaviour? I'd like to directly stream the uploads to the backend.. Thanks, -- Pasi From nginx-forum at nginx.us Thu May 5 01:35:54 2011 From: nginx-forum at nginx.us (jjjx128) Date: Wed, 04 May 2011 17:35:54 -0400 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: <20110504211549.GL32595@reaktio.net> References: <20110504211549.GL32595@reaktio.net> Message-ID: <153c3efe1bd09d636dcea83de2eb5706.NginxMailingListEnglish@forum.nginx.org> Pasi K?rkk?inen Wrote: ------------------------------------------------------- > Is there an option to disable this behaviour? > I'd like to directly stream the uploads to the > backend.. No. Nginx has no way of streaming data directly to the backend. Take a look at haproxy or any other tcp load balancer. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195656,195659#msg-195659 From ngx.eugaia at gmail.com Thu May 5 01:37:11 2011 From: ngx.eugaia at gmail.com (Eugaia) Date: Thu, 05 May 2011 00:37:11 +0300 Subject: Lua pcre inside nginx In-Reply-To: References: Message-ID: <4DC1C707.1000705@gmail.com> Hi, On 04/05/2011 22:03, Akins, Brian wrote: > I wanted to use pcre inside a lua script using rex_pcre. However, I always > get the error: > > failed to get memory (pattern offset: 15) > > The snippet of code always works in a standalone script. > > Ideas? I just tried the supplied test suite for rex_pcre on the latest (as of a few days ago) trunk version of LuaJIT 2.0 on Nginx 1.0.0 and there were no test failures. Maybe try JIT if you're not using it already? Cheers, Marcus. From Brian.Akins at turner.com Thu May 5 01:39:52 2011 From: Brian.Akins at turner.com (Akins, Brian) Date: Wed, 04 May 2011 17:39:52 -0400 Subject: Lua pcre inside nginx In-Reply-To: <4DC1C707.1000705@gmail.com> Message-ID: On 5/4/11 5:37 PM, "Eugaia" wrote: > I just tried the supplied test suite for rex_pcre on the latest (as of a > few days ago) trunk version of LuaJIT 2.0 on Nginx 1.0.0 and there were > no test failures. Maybe try JIT if you're not using it already? > I already am using luajit. I was using rex_pcre from luarocks. -- Brian Akins From pasik at iki.fi Thu May 5 01:40:05 2011 From: pasik at iki.fi (Pasi =?iso-8859-1?Q?K=E4rkk=E4inen?=) Date: Thu, 5 May 2011 00:40:05 +0300 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: <153c3efe1bd09d636dcea83de2eb5706.NginxMailingListEnglish@forum.nginx.org> References: <20110504211549.GL32595@reaktio.net> <153c3efe1bd09d636dcea83de2eb5706.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110504214005.GM32595@reaktio.net> On Wed, May 04, 2011 at 05:35:54PM -0400, jjjx128 wrote: > Pasi K?rkk?inen Wrote: > ------------------------------------------------------- > > Is there an option to disable this behaviour? > > I'd like to directly stream the uploads to the > > backend.. > > No. Nginx has no way of streaming data directly to the backend. Take a > look at haproxy or any other tcp load balancer. > in tcp mode you can't filter the requests etc.. I need to do that aswell. Maybe I need to take a look at the code and try to figure out if direct upload streaming could be implemented in nginx.. Thanks, -- Pasi From nginx-forum at nginx.us Thu May 5 01:56:43 2011 From: nginx-forum at nginx.us (jjjx128) Date: Wed, 04 May 2011 17:56:43 -0400 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: <20110504214005.GM32595@reaktio.net> References: <20110504214005.GM32595@reaktio.net> Message-ID: <3dfd6d89a78e3ee124ed58524312dada.NginxMailingListEnglish@forum.nginx.org> Pasi K?rkk?inen Wrote: ------------------------------------------------------- > in tcp mode you can't filter the requests etc.. I > need to do that aswell. There are quite a few load balancers and proxies out there. I'm sure you can find something useful. > Maybe I need to take a look at the code and try to > figure out > if direct upload streaming could be implemented in > nginx.. It is possible. So, good luck I guess. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195656,195665#msg-195665 From Brian.Akins at turner.com Thu May 5 02:11:07 2011 From: Brian.Akins at turner.com (Akins, Brian) Date: Wed, 04 May 2011 18:11:07 -0400 Subject: Lua pcre inside nginx In-Reply-To: Message-ID: On 5/4/11 5:39 PM, "Brian Akins" wrote: > I already am using luajit. I was using rex_pcre from luarocks. I grabbed latest rex_pcre, same issue. This is x86_64 if that matters. -- Brian Akins From lists at ruby-forum.com Thu May 5 02:21:08 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Thu, 05 May 2011 00:21:08 +0200 Subject: limit connection In-Reply-To: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: Hi Chris, I want to control the public to do query inside my website, so that bad guy can not do database harvest. For example, each IP can only do query 10 times per day. The IP I do not want to limit is my own IP. So it's simple to recognize the IP range. Please let me know your opinion. Thanks, Yanxin -- Posted via http://www.ruby-forum.com/. From caldcv at gmail.com Thu May 5 02:25:19 2011 From: caldcv at gmail.com (Chris) Date: Wed, 4 May 2011 18:25:19 -0400 Subject: limit connection In-Reply-To: References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: http://www.shanestillwell.com/blog/2009/03/24/throttle-traffic-iptables I wish you luck on a solution but it seems rather odd On 5/4/11, Yanxin Z. wrote: > Hi Chris, > I want to control the public to do query inside my website, so that bad > guy can not do database harvest. > For example, each IP can only do query 10 times per day. > > The IP I do not want to limit is my own IP. So it's simple to recognize > the IP range. > > Please let me know your opinion. > Thanks, > Yanxin > > -- > Posted via http://www.ruby-forum.com/. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -- --C "The dumber people think you are, the more surprised they're going to be when you kill them." - Sir William Clayton From nginx-forum at nginx.us Thu May 5 04:05:17 2011 From: nginx-forum at nginx.us (HowToMeetLadies) Date: Wed, 04 May 2011 20:05:17 -0400 Subject: Catch ALL requests by LUA-script In-Reply-To: References: Message-ID: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> > > Your feedback is always welcome! Sorry for the > delay on my side for I > was enjoying my vocation in the Fuzhou city in the > southern region of > China in the last few days :) > Heh, I know what delays are and that was no delay.. Here it is best weather for bicycling, so i do all the time! ;) One thing on my todo is to visit china, my cousin lived there past 5-6 years and i've seen many pictures and videos.. Last month he married his wife there, but i could not get away :( > > What's your operating system? We used to observe > similar periodic > segfaults with exactly the same version of > ngx_openresty on RedHat > Enterprise Linux (RHEL) 5.4 in production but now My good *old* development box is a quad *i686* with deb5 (old)stable gcc 4.3.2-1.1 > all is fine after we > switched LuaJIT to a more recent git HEAD version > which includes an > important work-around for an old libgcc bug > explained here in the > lua-l mailing list: > > > http://lua-users.org/lists/lua-l/2011-03/msg00576. > html > Tried both samples and luajit detected it. Anyway thank you for sharing this, so ill try that next. > I'll make a new release of ngx_openresty to > include a new version of > LuaJIT as well as some other modules' updates like > ngx_lua's and > ngx_srcache's. I'll inform you here when I'm done. > > Also, it'll be very appreciated if you can obtain > a gdb backtrace for > your segfaults so that we can look at the details > ;) Sure, thats no problem. Tomorrow ill attach to it and take a sample for you. Have also a full dump, as every build has its own /prefix. > > Oh, that's awesome :) > Thanks, but yours is *epic*. > > > > Below ill use luasql, instead you can use > > ngx.location.capture("/some-internal-rds-json") > and lua-yajl, but this > > approach ends as soon as you want INSERT > followed by LAST_INSERT_ID() or > > other complex queries/transactions (as long as > libdrizzle has no support > > for multiple queries, maybe this is not the best > option to go with, ive > > tried alternatives and workarounds, but for now > this is what *I* want). > > > > The luasql library will certainly block nginx > worker processes. Please > dont' use that. > Tbh, youre absolutely right. Realized it before i used this and *I* had no problems, also do not have much inserts (about 25-40k text each, stored in a fraction of a second). Tested it also further with luasql all queries, no problems so far but only with circumventions and all under pre-calculated conditions with *enough* instances, fast i/o, caching etc. This is at no will a reliable solution and much likely a show-stopper! So do *not* try at home eh?!! In the meantime or maybe forever ill stick to redis only (: Exchanges to or from intermediates are stressing me, but still better as seeing ruby eating up resources and doing "nothing" on ngx_passenger/ree.. sinatra, merb, rails, foo, bla -.-" Redis helped there a lot, but even in my *experimental* Rack written with D ive done better! ;) But thats true another story.. As a last resort for mysql i thought of getting an unique id from a (lua) location which is then used for insertion and afterwards on success, i.e. for redirects. Or have i missed something, what would you do? > I know libdrizzle is very limited in terms of > functionality and it's > *not* maintained very well. We'll start a > completely new nginx > upstream modules for mysql named ngx_mysql by > implementing a > non-blocking full-fledged highly-optimized mysql > client from scratch. > I'd love to see it happen this year ;) > > Another direction we're taking is to introduce the > "cosocket" > mechanism into ngx_lua such that one can use a > *synchronous* Lua > socket API that is transparently *asynchronous* > and *non-blocking* on > the nginx C level. Atop that, we can build > pure-Lua non-blocking mysql > client driver and thus putting everything onto the > Lua land and no > longer need to mess up the nginx.conf file and > nginx subrequests. I'd > also want to see it happen by this Christmas ;) > You mentioned "cosocket" somewhere (github?) already and IMO that would be really amazing! I'm following "agentzh" and "chaoslawful" on github and will take a deeper look when i get more time. Will be linking to your projects when i release something useful (safe) for it. > > The high-level abstraction for ngx_lua is > excellent! We're taking a > slightly different approach along the line in our > web applications: > > > http://agentzh.org/misc/nginx/lzsql-manual.html > > We're using a DSL (Domain Specific Language) > compiler that emits Lua > code and business logic is mostly implemented in > this DSL. It's > targeting our business though, not meant to be > useful for general web > application development (yet). > Looks very promising, i seen that page already on my researches and would love to get my hands on it. I do a lot of research, trying as much as possible, protocols like XMPP and PSYC and such good things, but mostly everything apart from PHP, .Net and Java.. :> > Thanks for sharing! > > -agentzh > Heh. >.< All the thanks belong to you and who else is also behind that projects! Had so much *fun* with it so far, you wont believe it how it boosted everything at our groups site, ookeh not *that* much, but enough to already left ruby (was riding since little rails). And personally it helped me alot to grok lua, as i needed that for deeper reworks of my prosody-im fork (another lua project thats awesome, i prefer it over ejabberd/erl which indeed is both neat feature-wise, but wont let me change (easily) from mnesia to redis or other nice tricks). Thanks again! # HTML Posted at Nginx Forum: http://forum.nginx.org/read.php?2,179364,195682#msg-195682 From clanherb at gmail.com Thu May 5 06:14:55 2011 From: clanherb at gmail.com (=?UTF-8?B?5p2o6ZWt?=) Date: Thu, 5 May 2011 10:14:55 +0800 Subject: question about the context of map directive In-Reply-To: <20110504203547.GX42265@mdounin.ru> References: <20110504203547.GX42265@mdounin.ru> Message-ID: Hi Igor and Maxim, Thanks for the reply! On Thu, May 5, 2011 at 4:35 AM, Maxim Dounin wrote: > Hello! > > On Thu, May 05, 2011 at 02:59:21AM +0800, ?? wrote: > > > Hi, > > > > The context of map directive is *http* as documented on wiki.nginx.org. > This > > Yes. > > > means all the requests will go through the map filter phase. > > No. Map directive creates a variable and only does something when > (and if) the variable is accessed. There is no performance > penalty for processing requests which doesn't use the variable. > > > This is not ideal when you have many virtual hosts. > > > > For example, we've 50+ virtual hosts. When one of them need map > variables, > > the others automatically inherited those settings because there is no way > to > > limit it to server context. > > > > If this is the situation, can someone know the internals of nginx explain > > why the map module can't work at server level. > > Changing map module to provide data based on per-server configs is > possible, but obviously will require extra code. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at ruby-forum.com Thu May 5 06:27:50 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Thu, 05 May 2011 04:27:50 +0200 Subject: limit connection In-Reply-To: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> References: <3eb40128cef9709ed44491c6d10d7e09@ruby-forum.com> Message-ID: <05c99fd96704fbea856c6e5e906fb1ec@ruby-forum.com> Thank you for your direction, Chris. -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Thu May 5 06:50:07 2011 From: nginx-forum at nginx.us (stalkercn) Date: Wed, 04 May 2011 22:50:07 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <65b155ed9ec7350b8df7cf617867f95e.NginxMailingListEnglish@forum.nginx.org> nginx version: nginx/0.8.54 configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx-error.log --user=www --group=www --with-debug --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx-access.log --add-module=/usr/ports/www/nginx/work/ngx_headers_more_module-0.14 --with-http_flv_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_stub_status_module --with-pcre Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195695#msg-195695 From nginx-forum at nginx.us Thu May 5 07:00:14 2011 From: nginx-forum at nginx.us (burn) Date: Wed, 04 May 2011 23:00:14 -0400 Subject: not working without aio In-Reply-To: <20110504112733.GT42265@mdounin.ru> References: <20110504112733.GT42265@mdounin.ru> Message-ID: <3bf60e8194f645c340689fb77744f521.NginxMailingListEnglish@forum.nginx.org> well, then please consider this a feature request. Having two separate packages for our server farm is not too convenient. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195522,195696#msg-195696 From agentzh at gmail.com Thu May 5 07:20:32 2011 From: agentzh at gmail.com (agentzh) Date: Thu, 5 May 2011 11:20:32 +0800 Subject: Catch ALL requests by LUA-script In-Reply-To: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> References: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> Message-ID: On Thu, May 5, 2011 at 8:05 AM, HowToMeetLadies wrote: > > Heh, I know what delays are and that was no delay.. Here it is best > weather for bicycling, so i do all the time! ;) One thing on my todo is > to visit china, my cousin lived there past 5-6 years and i've seen many > pictures and videos.. Last month he married his wife there, but i could > not get away :( > Oh, I'm so happy to hear that ;) Please bring my best wishes to your cousin! > > Sure, thats no problem. Tomorrow ill attach to it and take a sample for > you. Have also a full dump, as every build has its own /prefix. > Looking forward to that :) > > Tbh, youre absolutely right. Realized it before i used this and *I* had > no problems, also do not have much inserts (about 25-40k text each, > stored in a fraction of a second). Tested it also further with luasql > all queries, no problems so far but only with circumventions and all > under pre-calculated conditions with *enough* instances, fast i/o, > caching etc. This is at no will a reliable solution and much likely a > show-stopper! So do *not* try at home eh?!! > Well, it will only cause problems when you have too few nginx workers and nontrivial number of concurrent requests and your database is going mad and becoming slow ;) Anyway, it's good for personal use, not for production apps ;) > In the meantime or maybe forever ill stick to redis only (: Exchanges to > or from intermediates are stressing me, but still better as seeing ruby > eating up resources and doing "nothing" on ngx_passenger/ree.. sinatra, > merb, rails, foo, bla -.-" Redis helped there a lot, but even in my > *experimental* Rack written with D ive done better! ;) But thats true > another story.. > When you're using ngx_redis2 + lua-redis-parser, please ensure you're using a tcp connection pool (provided by ngx_http_upstream_keepalive) and redis pipelining wherever possible. These features will significantly improve performance. Also, using multiple instance of redis servers on your multi-core machines also help a lot due to the sequential processing nature of a single redis server instance. Also, when you're benchmarking performance, please ensure that your error log level is high enough to prevent nginx workers spend too much cycles on flushing the error.log file, which is certainly very expensive :) > As a last resort for mysql i thought of getting an unique id from a > (lua) location which is then used for insertion and afterwards on > success, i.e. for redirects. Or have i missed something, what would you > do? > You can certainly generate a globally unique id by means of pure Lua or by accessing redis, though that's a bit silly ;) If all you want is to get LAST_INSERT_ID, then ngx_drizzle already returns that automatically for you when you're doing a SQL insert query. Consider the following sample nginx.conf snippet: location /test { echo_location /mysql "drop table if exists foo"; echo; echo_location /mysql "create table foo (id serial not null, primary key (id), val real);"; echo; echo_location /mysql "insert into foo (val) values (3.1415926);"; echo; echo_location /mysql "select * from foo;"; echo; } location /mysql { drizzle_pass backend; drizzle_module_header off; drizzle_query $query_string; rds_json on; } Then GET /test gives the following outputs: {"errcode":0} {"errcode":0} {"errcode":0,"insert_id":1,"affected_rows":1} [{"id":1,"val":3.1415926}] Have you noticed the "insert_id" field in the 3rd JSON response? ;) Full transaction support will land into ngx_drizzle (maybe ngx_postgres as well). It will be implemented by locking and tagging database connections in the pool. But there's no ETA yet for that. > > You mentioned "cosocket" somewhere (github?) already and IMO that would > be really amazing! I'm following "agentzh" and "chaoslawful" on github > and will take a deeper look when i get more time. Will be linking to > your projects when i release something useful (safe) for it. > Oh, I'm feeling honored :) > > Looks very promising, i seen that page already on my researches and > would love to get my hands on it. I do a lot of research, trying as much > as possible, protocols like XMPP and PSYC and such good things, but > mostly everything apart from PHP, .Net and Java.. :> > LOL > > Heh. >.< All the thanks belong to you and who else is also behind that > projects! Had so much *fun* with it so far, you wont believe it how it > boosted everything at our groups site, ookeh not *that* much, but enough > to already left ruby (was riding since little rails). And personally it > helped me alot to grok lua, as i needed that for deeper reworks of my > prosody-im fork (another lua project thats awesome, i prefer it over > ejabberd/erl which indeed is both neat feature-wise, but wont let me > change (easily) from mnesia to redis or other nice tricks). > ngx_openresty still has many rough corners and has a long way to go. We'll surely try to make it better and better unfailingly :) Happy hacking! -agentzh From chaoslawful at gmail.com Thu May 5 07:36:57 2011 From: chaoslawful at gmail.com (Chaos Wang) Date: Thu, 05 May 2011 11:36:57 +0800 Subject: Lua pcre inside nginx In-Reply-To: References: Message-ID: <4DC21B59.4010309@gmail.com> NginX hooked pcre memory alloc/free functions pcre_malloc/free to use its memory pool, in order to work around its memory leaking problem. As a side effect, it reset this pool to NULL after every usage in core without considering possible external references. If you don't set pcre memory hooks to your own implementation, you will surely get the error. ngx_lua has fixed this problem, and can use pcre related extensions normally after v0.1.6rc5. Ref: * src/core/ngx_regex.c in NginX sources * ngx_http_lua_patch.c in ngx_lua sources On 2011?05?05? 03:03, Akins, Brian wrote: > I wanted to use pcre inside a lua script using rex_pcre. However, I always > get the error: > > failed to get memory (pattern offset: 15) > > The snippet of code always works in a standalone script. > > Ideas? > From nginx-forum at nginx.us Thu May 5 08:11:30 2011 From: nginx-forum at nginx.us (AndrewH) Date: Thu, 05 May 2011 00:11:30 -0400 Subject: Pre-process request via upstream then forward to proxy. Message-ID: As part of processing a request, I need to first send and receive a response to/from an upstream to authenticate some credentials in the request. Once this has been done, the original request needs to be proxied to another upstream. According to Evan Miller's tutorial, the only valid location for spawning sub-requests is in an output filter ie. to post-process a response. So it appears that this approach is useful for massaging a reponse but not valid for actually performing pre-processing on a request. Does anyone know what the sanctioned way of going about this in NGINX is? Or which existing modules/examples implement similar functionality? - Andrew Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195702,195702#msg-195702 From Richard.Kearsley at m247.com Thu May 5 09:05:37 2011 From: Richard.Kearsley at m247.com (Richard Kearsley) Date: Thu, 5 May 2011 05:05:37 +0000 Subject: aio info Message-ID: Hi A lot of talk about AIO recently - I actually didn't know it existed before, so I am trying it on freebsd8 # sysctl -a | grep aio kern.features.aio: 1 vfs.aio.max_buf_aio: 16 vfs.aio.max_aio_queue_per_proc: 256 vfs.aio.max_aio_per_proc: 32 vfs.aio.unloadable: 0 vfs.aio.aiod_lifetime: 30000 vfs.aio.aiod_timeout: 10000 vfs.aio.num_buf_aio: 0 vfs.aio.num_queue_count: 0 vfs.aio.max_aio_queue: 1024 vfs.aio.target_aio_procs: 4 vfs.aio.num_aio_procs: 4 vfs.aio.max_aio_procs: 32 Could anyone comment what these mean and how to go about tweaking for best performance (should any be increased?) Particularly.. vfs.aio.num_queue_count - does this monitor the amount of io waiting? -------------- next part -------------- An HTML attachment was scrubbed... URL: From agentzh at gmail.com Thu May 5 10:11:32 2011 From: agentzh at gmail.com (agentzh) Date: Thu, 5 May 2011 14:11:32 +0800 Subject: Pre-process request via upstream then forward to proxy. In-Reply-To: References: Message-ID: On Thu, May 5, 2011 at 12:11 PM, AndrewH wrote: > As part of processing a request, I need to first send and receive a > response to/from an upstream to authenticate some credentials in the > request. ?Once this has been done, the original request needs to be > proxied to another upstream. > Your task can be trivially done in pure Lua by using the ngx_lua module. Specifically, by using the ngx.location.capture() interface for Lua to issue your subrequests and wait for the responses. See http://github.com/chaoslawful/lua-nginx-module for the full documentation. You can surely code it up in pure C by looking at how ngx_lua does on the C level. But it's not recommended because it's error prone and the performance gain is small. > According to Evan Miller's tutorial, the only valid location for > spawning sub-requests is in an output filter ie. to post-process a > response. Nope, you can surely create subrequests in any of your rewrite, access, and content phase handlers. That part of Evan Miller's tutorial is somehow misleading, and keep in mind that Evan stated like this: "as far as I know..." So he is not to blame ;) > Does anyone know what the sanctioned way of going about this in NGINX > is? ?Or which existing modules/examples implement similar > functionality? > See the echo_subrequest and echo_location directives provided by ngx_echo: http://github.com/agentzh/echo-nginx-module But their (synchronous but non-blocking) subrequest implementation is not as correct as ngx_lua's. The ngx_auth_request module by Maxim Dounin is an example of issuing subrequests in an access phase handler and my ngx_srcache module is another example for this: http://github.com/agentzh/srcache-nginx-module The ngx_eval module is an example of issuing subrequests in a rewrite phase handler: http://www.grid.net.ru/nginx/eval.en.html Happy subrequesting! -agentzh From mdounin at mdounin.ru Thu May 5 10:22:06 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 5 May 2011 10:22:06 +0400 Subject: no server response in https In-Reply-To: References: Message-ID: <20110505062206.GY42265@mdounin.ru> Hello! On Tue, May 03, 2011 at 01:42:42PM -0400, art.wu wrote: > I'm running 0.8.53 on QNX Neutrino 6.5.0 with SSL on and the server > doesn't respond to the client. Instead it times out, as below. It does > work properly with SSL off. Can you provide any suggestions? Thanks. Yep, this is general bug affecting systems with 32-bit off_t. Attached patch fixes it. Please note that using 64-bit off_t may be a good thing anyway (2G limit is two low today even on embedded platforms...), and it looks like QNX (at least 6.5.0) supports -D_FILE_OFFSET_BITS=64 (though nginx doesn't know and doesn't try it on QNX). Try using ./configure --with-cc-opt="-D_FILE_OFFSET_BITS=64" ... it should resolve the issue even without the patch. Please also note that there are other problems with QNX 6 due to time_t type being unsigned there. GCC will refuse to build nginx with -Werror (as used by nginx) - and this is the right thing. I'm looking into this issue, but it will require a bit more work. Maxim Dounin -------------- next part -------------- # HG changeset patch # User Maxim Dounin # Date 1304575111 -14400 # Node ID 0446d18df946f8cfae3f623d3335722d7c4489a6 # Parent 9b9e61f1b5004e0c5a2d56372e682c2a1e053e34 Bugfix: https wasn't working on systems with 32-bit off_t. Due to off_t being signed NGX_MAX_UINT32_VALUE will overflow off_t while calculating limit in ngx_ssl_send_chain() on systems with 32-bit time_t, and as a result ngx_ssl_send_chain() won't be able to send anything. Introduce NGX_MAX_INT32_VALUE and use it there instead. diff --git a/src/core/ngx_config.h b/src/core/ngx_config.h --- a/src/core/ngx_config.h +++ b/src/core/ngx_config.h @@ -127,5 +127,6 @@ typedef intptr_t ngx_flag_t; #define NGX_MAX_UINT32_VALUE (uint32_t) 0xffffffff #endif +#define NGX_MAX_INT32_VALUE (int32_t) 2147483647 #endif /* _NGX_CONFIG_H_INCLUDED_ */ diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -957,10 +957,10 @@ ngx_ssl_send_chain(ngx_connection_t *c, } - /* the maximum limit size is the maximum uint32_t value - the page size */ - - if (limit == 0 || limit > (off_t) (NGX_MAX_UINT32_VALUE - ngx_pagesize)) { - limit = NGX_MAX_UINT32_VALUE - ngx_pagesize; + /* the maximum limit size is the maximum int32_t value - the page size */ + + if (limit == 0 || limit > (off_t) (NGX_MAX_INT32_VALUE - ngx_pagesize)) { + limit = NGX_MAX_INT32_VALUE - ngx_pagesize; } buf = c->ssl->buf; From mdounin at mdounin.ru Thu May 5 10:31:10 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 5 May 2011 10:31:10 +0400 Subject: Pre-process request via upstream then forward to proxy. In-Reply-To: References: Message-ID: <20110505063110.GZ42265@mdounin.ru> Hello! On Thu, May 05, 2011 at 12:11:30AM -0400, AndrewH wrote: > As part of processing a request, I need to first send and receive a > response to/from an upstream to authenticate some credentials in the > request. Once this has been done, the original request needs to be > proxied to another upstream. > > According to Evan Miller's tutorial, the only valid location for > spawning sub-requests is in an output filter ie. to post-process a > response. So it appears that this approach is useful for massaging a > reponse but not valid for actually performing pre-processing on a > request. Evan Miller's claim was correct before 0.7.25. In recent versions you may issue subrequests almost everywhere. There are some caveats though - it's up to you to take appropriate measures to ensure subrequest response won't appear on client's connection. > Does anyone know what the sanctioned way of going about this in NGINX > is? Or which existing modules/examples implement similar > functionality? Take a look at: http://grid.net.ru/nginx/eval.en.html http://mdounin.ru/hg/ngx_http_auth_request_module/ Maxim Dounin From igor at sysoev.ru Thu May 5 11:12:12 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 5 May 2011 11:12:12 +0400 Subject: aio info In-Reply-To: References: Message-ID: <20110505071212.GA36559@sysoev.ru> On Thu, May 05, 2011 at 05:05:37AM +0000, Richard Kearsley wrote: > Hi > A lot of talk about AIO recently - I actually didn't know it existed before, so I am trying it on freebsd8 > > # sysctl -a | grep aio > kern.features.aio: 1 > vfs.aio.max_buf_aio: 16 > vfs.aio.max_aio_queue_per_proc: 256 > vfs.aio.max_aio_per_proc: 32 > vfs.aio.unloadable: 0 > vfs.aio.aiod_lifetime: 30000 > vfs.aio.aiod_timeout: 10000 > vfs.aio.num_buf_aio: 0 > vfs.aio.num_queue_count: 0 > vfs.aio.max_aio_queue: 1024 > vfs.aio.target_aio_procs: 4 > vfs.aio.num_aio_procs: 4 > vfs.aio.max_aio_procs: 32 > > Could anyone comment what these mean and how to go about tweaking for best performance (should any be increased?) $ sysctl -d vfs.aio vfs.aio: Async IO management vfs.aio.max_buf_aio: Maximum buf aio requests per process (stored in the process) vfs.aio.max_aio_queue_per_proc: Maximum queued aio requests per process (stored in the process) vfs.aio.max_aio_per_proc: Maximum active aio requests per process (stored in the process) vfs.aio.unloadable: Allow unload of aio (not recommended) vfs.aio.aiod_lifetime: Maximum lifetime for idle aiod vfs.aio.aiod_timeout: Timeout value for synchronous aio operations vfs.aio.num_buf_aio: Number of aio requests presently handled by the buf subsystem vfs.aio.num_queue_count: Number of queued aio requests vfs.aio.max_aio_queue: Maximum number of aio requests to queue, globally vfs.aio.target_aio_procs: Preferred number of ready kernel threads for async IO vfs.aio.num_aio_procs: Number of presently active kernel threads for async IO vfs.aio.max_aio_procs: Maximum number of kernel threads to use for handling async IO There are two types AIO operations inside FreeBSD kernel - raw file AIO (buf aio) and usual file AIO that uses in-kernel threads/processes. nginx uses only usual file AIO. Relevant sysctls are: vfs.aio.max_aio_queue: 1024 vfs.aio.max_aio_queue_per_proc: 256 vfs.aio.max_aio_per_proc: 32 vfs.aio.num_queue_count: 0 vfs.aio.max_aio_procs: 32 vfs.aio.target_aio_procs: 4 vfs.aio.num_aio_procs: 4 vfs.aio.aiod_lifetime: 30000 vfs.aio.aiod_timeout: 10000 You may want to increase vfs.aio.max_aio_procs vfs.aio.max_aio_queue vfs.aio.max_aio_queue_per_proc vfs.aio.max_aio_per_proc > Particularly.. vfs.aio.num_queue_count - does this monitor the amount of io waiting? Yes. -- Igor Sysoev From igor at sysoev.ru Thu May 5 11:34:45 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 5 May 2011 11:34:45 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: <65b155ed9ec7350b8df7cf617867f95e.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> <65b155ed9ec7350b8df7cf617867f95e.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110505073445.GC36559@sysoev.ru> On Wed, May 04, 2011 at 10:50:07PM -0400, stalkercn wrote: > nginx version: nginx/0.8.54 > configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I > /usr/local/include' --with-ld-opt='-L /usr/local/lib' > --conf-path=/usr/local/etc/nginx/nginx.conf > --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid > --error-log-path=/var/log/nginx-error.log --user=www --group=www > --with-debug > --http-client-body-temp-path=/var/tmp/nginx/client_body_temp > --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp > --http-proxy-temp-path=/var/tmp/nginx/proxy_temp > --http-scgi-temp-path=/var/tmp/nginx/scgi_temp > --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp > --http-log-path=/var/log/nginx-access.log > --add-module=/usr/ports/www/nginx/work/ngx_headers_more_module-0.14 > --with-http_flv_module --with-http_gzip_static_module > --with-http_image_filter_module --with-http_stub_status_module > --with-pcre There was a bug when nginx was built --without-http_cache, but this is not your case. Could you try nginx-1.0.0 without third-party module ngx_headers_more_module ? -- Igor Sysoev From CBoyce at mersofmich.com Thu May 5 03:00:11 2011 From: CBoyce at mersofmich.com (Collin Boyce) Date: Wed, 4 May 2011 23:00:11 +0000 Subject: Exchange 2010 rpc ?? Message-ID: <2B45E42FC139C849A48677B3750F61810228FA@EMAIL-01.mersdomain1> We are not able to get nginx to reverse procy RPC to exchange 2010. We get repeating error messages in the log: x.x.x.x - - [04/May/2011:08:40:43 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:40:43 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:04 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:04 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:41:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:42:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:42:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:42:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:42:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:43:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:43:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:00 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:00 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:38 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:44:59 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:49:39 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:49:39 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:50:00 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:50:00 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:54:39 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:54:39 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:55:00 -0400] "-" 400 173 "-" "-" x.x.x.x - - [04/May/2011:08:55:00 -0400] "-" 400 173 "-" "-" The testexchangeconnectivity tool bombs with the following error: Config lines: location /rpc { proxy_pass https://mail.local/rpc; } Checking the IIS configuration for client certificate authentication. The test passed with some warnings encountered. Please expand the additional details. [Description: https://www.testexchangeconnectivity.com/Images/Minus.gif] Additional Details Client certificate authentication couldn't be determined because an unexpected failure occurred. WinHttpSendRequest failed with error 12152. [Description: https://www.testexchangeconnectivity.com/Images/Error.png] Testing HTTP Authentication Methods for URL https://mail.local/rpc/rpcproxy.dll. The HTTP authentication test failed. [Description: https://www.testexchangeconnectivity.com/Images/Minus.gif] Additional Details Exception details: Message: The server committed a protocol violation. Section=ResponseStatusLine Type: System.Net.WebException Stack trace: at System.Net.HttpWebRequest.GetResponse() at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.GetSupportedHttpAuthMethods() at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.PerformTestReally() -- CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of the intended recipient(s) and may contain information that is confidential and protected from disclosure under the law, including attorney-client communications. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and delete/destroy all copies of the original message and attachments. DISCLAIMER: This email may contain a summary description of the Municipal Employees? Retirement System of Michigan benefits, costs, rates, valuations, or other calculations, policies or procedures. MERS has made every effort to ensure, but does not guarantee that the information provided is accurate and up to date. Where this email conflicts with the relevant MERS Plan Document, the MERS Plan Document controls. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 853 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 911 bytes Desc: image002.png URL: From pasik at iki.fi Thu May 5 17:23:14 2011 From: pasik at iki.fi (Pasi =?iso-8859-1?Q?K=E4rkk=E4inen?=) Date: Thu, 5 May 2011 16:23:14 +0300 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: <3dfd6d89a78e3ee124ed58524312dada.NginxMailingListEnglish@forum.nginx.org> References: <20110504214005.GM32595@reaktio.net> <3dfd6d89a78e3ee124ed58524312dada.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110505132314.GP32595@reaktio.net> On Wed, May 04, 2011 at 05:56:43PM -0400, jjjx128 wrote: > Pasi K?rkk?inen Wrote: > ------------------------------------------------------- > > in tcp mode you can't filter the requests etc.. I > > need to do that aswell. > > There are quite a few load balancers and proxies out there. I'm sure you > can find something useful. > I've checked and/or used most of them :) > > Maybe I need to take a look at the code and try to > > figure out > > if direct upload streaming could be implemented in > > nginx.. > > It is possible. So, good luck I guess. > Thanks. Are you familiar with nginx code? If yes, feel free to give advises what to avoid, and what to look for. (I haven't checked nginx code earlier, but I know C) -- Pasi From nginx-forum at nginx.us Thu May 5 19:25:19 2011 From: nginx-forum at nginx.us (art.wu) Date: Thu, 05 May 2011 11:25:19 -0400 Subject: no server response in https In-Reply-To: References: Message-ID: The configure option solved the problem. Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195329,195791#msg-195791 From lists at ruby-forum.com Thu May 5 19:52:43 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Thu, 05 May 2011 17:52:43 +0200 Subject: memcache issue Message-ID: Hello, I am using PHP to connect to memcache. I connect memcache service in the PHP code as follows: $memcache = new Memcache; $memcache->connect('127.0.0.1', 11211); //connect to memcached server Then when I connect to NGX server, I got 500 or 502 error. However, if I run the memcache using php test.php directly, I can connect to memcache server successfully. I am using php-fpm. Does anyone encounter the similar issue before? Thanks, Yanxin -- Posted via http://www.ruby-forum.com/. From igor at sysoev.ru Thu May 5 20:01:29 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 5 May 2011 20:01:29 +0400 Subject: memcache issue In-Reply-To: References: Message-ID: <66EB54CA-3655-4BF3-BA6B-5FAF2910D8A1@sysoev.ru> What is in error_log ? -- Igor Sysoev 05.05.2011, ? 19:52, "Yanxin Z." ???????(?): > Hello, > I am using PHP to connect to memcache. > > I connect memcache service in the PHP code as follows: > $memcache = new Memcache; > $memcache->connect('127.0.0.1', 11211); //connect to memcached server > > > Then when I connect to NGX server, I got 500 or 502 error. > > However, if I run the memcache using php test.php directly, I can > connect to memcache server successfully. > > I am using php-fpm. > > Does anyone encounter the similar issue before? > > Thanks, > Yanxin > > -- > Posted via http://www.ruby-forum.com/. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx From lists at ruby-forum.com Thu May 5 20:10:27 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Thu, 05 May 2011 18:10:27 +0200 Subject: memcache issue In-Reply-To: References: Message-ID: <2f77714110eed19c0f3cc49c50d4cc3b@ruby-forum.com> Thank you for your help, Igor. The log is 1815426 2011/05/05 09:05:09 [notice] 13424#0: *15 "/api/1.0/(.*)/upload_internal" matches "/api/1.0/ web/upload_internal", client: 10.1.4.250, server: localhost, request: "POST /api/1.0/web/upload_internal HTTP/1.1", host: "10.1.4.243" 1815427 2011/05/05 09:05:09 [notice] 13424#0: *15 rewritten data: "/api/1.0/web/upload.php", args: "", client: 10.1.4.250, server: localhost, request: "POST /api/1.0/web/upload_internal HTTP/1.1", host: "10.1.4.243" 1815428 2011/05/05 09:05:09 [error] 13424#0: *15 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 10.1.4.250, server: localhost, request: "POST / api/1.0/web/upload_internal HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "10.1.4.243" 1815429 2011/05/05 09:05:09 [info] 13424#0: *15 client 10.1.4.250 closed keepalive connection -- Posted via http://www.ruby-forum.com/. From lists at ruby-forum.com Thu May 5 20:28:02 2011 From: lists at ruby-forum.com (Yanxin Z.) Date: Thu, 05 May 2011 18:28:02 +0200 Subject: memcache issue In-Reply-To: References: Message-ID: Hello Igor, Thank you for your direction. I searched for "nginx 104: Connection reset by peer" In the forum http://forum.slicehost.com/comments.php?DiscussionID=433 Someone suggest to restart fastcgi. I did restart php-fpm then, memcached is working now. Hopefully my post is helpful to other members. Yanxin -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Thu May 5 20:29:00 2011 From: nginx-forum at nginx.us (HowToMeetLadies) Date: Thu, 05 May 2011 12:29:00 -0400 Subject: Catch ALL requests by LUA-script In-Reply-To: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> References: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> Message-ID: <43a20ba24767aaf66b89c49525531ecd.NginxMailingListEnglish@forum.nginx.org> > Oh, I'm so happy to hear that ;) Please bring my > best wishes to your cousin! > > > > > Sure, thats no problem. Tomorrow ill attach to > it and take a sample for > > you. Have also a full dump, as every build has > its own /prefix. > > > > Looking forward to that :) Will do both as soon i'll arrive at home later this day! > > When you're using ngx_redis2 + lua-redis-parser, > please ensure you're > using a tcp connection pool (provided by > ngx_http_upstream_keepalive) > and redis pipelining wherever possible. These > features will > significantly improve performance. Also, using > multiple instance of > redis servers on your multi-core machines also > help a lot due to the > sequential processing nature of a single redis > server instance. > > Also, when you're benchmarking performance, please > ensure that your > error log level is high enough to prevent nginx > workers spend too much > cycles on flushing the error.log file, which is > certainly very > expensive :) > Thank you for this, my conf applied already to this, but maybe you should tell about that in your docs too. (: > > As a last resort for mysql i thought of getting > an unique id from a > > (lua) location which is then used for insertion > and afterwards on > > success, i.e. for redirects. Or have i missed > something, what would you > > do? > > > > You can certainly generate a globally unique id by > means of pure Lua > or by accessing redis, though that's a bit silly > ;) > > If all you want is to get LAST_INSERT_ID, then > ngx_drizzle already > returns that automatically for you when you're > doing a SQL insert > query. Consider the following sample nginx.conf > snippet: > > location /test { > echo_location /mysql "drop table if exists > foo"; > echo; > echo_location /mysql "create table foo (id > serial not null, > primary key (id), val real);"; > echo; > echo_location /mysql "insert into foo > (val) values (3.1415926);"; > echo; > echo_location /mysql "select * from foo;"; > echo; > } > location /mysql { > drizzle_pass backend; > drizzle_module_header off; > drizzle_query $query_string; > rds_json on; > } > > Then GET /test gives the following outputs: > > {"errcode":0} > {"errcode":0} > {"errcode":0,"insert_id":1,"affected_rows":1} > [{"id":1,"val":3.1415926}] > > Have you noticed the "insert_id" field in the 3rd > JSON response? ;) > Unbelievable! :D Ive seen "insert id" header in ngx_drizzle, but hadnt looked further at inserts with rds_json (damn stupid me, i should write an article about that). > > LOL > I have a php-fpm install for exactly 3 apps which are our webmail/cms/board, because php-users are not aware of their risks ive disabled it apart from that. NCARS rulez, but im replacing it already -> xmpp (psyc) + web frontend. I used techniques like MEF and such in .Net, but imho its desktop-only.. One can do amazing things with it, also without using client-side runtime, but if you're not bound to that platform, why would you do? Its good to have varnish, ha and/or simple nginx in front of such servers/frameworks, but now nginx+lua is enough, its so tiny and fast.. > > Happy hacking! > Greetz (; # HTML Posted at Nginx Forum: http://forum.nginx.org/read.php?2,179364,195814#msg-195814 From nginx-forum at nginx.us Thu May 5 22:59:24 2011 From: nginx-forum at nginx.us (Jim Ohlstein) Date: Thu, 05 May 2011 14:59:24 -0400 Subject: Nginx Forum now accessible via IPv6 Message-ID: <18c2af52be92de23fc8c029b1e344080.NginxMailingListEnglish@forum.nginx.org> Generally I prefer to keep forum business on the forum but given the current state of IPv4 addresses and the upcoming World IPv6 Day on June 8, 2011 - see http://isoc.org/wp/worldipv6day/ - I am pleased to announce that the forum now has "native" IPv6 support. Most people who have an IPv4/IPv6 dual stack either natively from their ISP or by using a tunnel, and is using a modern browser, will likely be connecting via IPv6. Please let me know if there any connectivity issues, either via reply or directly at jim [at] ohlste [dot] in. Many Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195868,195868#msg-195868 From nginx-forum at nginx.us Fri May 6 06:45:21 2011 From: nginx-forum at nginx.us (stalkercn) Date: Thu, 05 May 2011 22:45:21 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <80af9b27411dbe556335e96bd8912214.NginxMailingListEnglish@forum.nginx.org> nginx: nginx version: nginx/1.0.1 nginx: built by gcc 4.2.1 20070719 [FreeBSD] nginx: configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx.log --user=www --group=www --with-debug --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx-access.log --with-http_gzip_static_module --with-http_stub_status_module --with-pcre I decrease the fastcgi buffer size and increase the amount of buffers: fastcgi_buffer_size 64k; fastcgi_buffers 64 64k; but a 'too big header' error still apears: [debug] upstream split a header line in FastCGI records [error] upstream sent too big header while reading response header from upstream btw,php is working with Zend-Optimizer,whether this condition can make the headers bigger than its real size? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195960#msg-195960 From agentzh at gmail.com Fri May 6 08:26:41 2011 From: agentzh at gmail.com (agentzh) Date: Fri, 6 May 2011 12:26:41 +0800 Subject: Catch ALL requests by LUA-script In-Reply-To: <43a20ba24767aaf66b89c49525531ecd.NginxMailingListEnglish@forum.nginx.org> References: <962ffeb780843553c1f353008459a93f.NginxMailingListEnglish@forum.nginx.org> <43a20ba24767aaf66b89c49525531ecd.NginxMailingListEnglish@forum.nginx.org> Message-ID: On Fri, May 6, 2011 at 12:29 AM, HowToMeetLadies wrote: >> >> Also, when you're benchmarking performance, please >> ensure that your >> error log level is high enough to prevent nginx >> workers spend too much >> cycles on flushing the error.log file, which is >> certainly very >> expensive :) >> > > Thank you for this, my conf applied already to this, but maybe you > should tell about that in your docs too. (: > Just added to ngx_redis2's README ;) >> Then GET /test gives the following outputs: >> >> ? ? {"errcode":0} >> ? ? {"errcode":0} >> ? ? {"errcode":0,"insert_id":1,"affected_rows":1} >> ? ? [{"id":1,"val":3.1415926}] >> >> Have you noticed the "insert_id" field in the 3rd >> JSON response? ;) >> > > Unbelievable! :D Ive seen "insert id" header in ngx_drizzle, but hadnt > looked further at inserts with rds_json (damn stupid me, i should write > an article about that). Just added this to ngx_drizzle's README too :) My bad, it's indeed not that obvious for new users ;) Thanks! -agentzh From mcabral84 at bol.com.br Fri May 6 05:33:02 2011 From: mcabral84 at bol.com.br (Marcelo Cabral) Date: Thu, 5 May 2011 22:33:02 -0300 Subject: FastCGI server status Message-ID: Hello, I was wondering if I could monitor FastCGI responses (timers, success, failures, round robin stats, etc...) with nginx? Any hints on how I could get this info? Thanks -Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From igor at sysoev.ru Fri May 6 08:42:32 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 08:42:32 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: <80af9b27411dbe556335e96bd8912214.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> <80af9b27411dbe556335e96bd8912214.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506044232.GE85186@sysoev.ru> On Thu, May 05, 2011 at 10:45:21PM -0400, stalkercn wrote: > nginx: nginx version: nginx/1.0.1 > nginx: built by gcc 4.2.1 20070719 [FreeBSD] > nginx: configure arguments: --prefix=/usr/local/etc/nginx > --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' > --conf-path=/usr/local/etc/nginx/nginx.conf > --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid > --error-log-path=/var/log/nginx.log --user=www --group=www --with-debug > --http-client-body-temp-path=/var/tmp/nginx/client_body_temp > --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp > --http-proxy-temp-path=/var/tmp/nginx/proxy_temp > --http-scgi-temp-path=/var/tmp/nginx/scgi_temp > --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp > --http-log-path=/var/log/nginx-access.log --with-http_gzip_static_module > --with-http_stub_status_module --with-pcre > > I decrease the fastcgi buffer size and increase the amount of buffers: > fastcgi_buffer_size 64k; > fastcgi_buffers 64 64k; > > but a 'too big header' error still apears: > > [debug] upstream split a header line in FastCGI records > [error] upstream sent too big header while reading response header > from upstream Only fastcgi_buffer_size is relevant here. Could you set it to 512k and make request with debug log ? -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 10:34:03 2011 From: nginx-forum at nginx.us (stalkercn) Date: Fri, 06 May 2011 02:34:03 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: http://www.toofiles.com/zh/rawfilesdownload-documents-log-nginx.html Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195989#msg-195989 From igor at sysoev.ru Fri May 6 10:42:22 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 10:42:22 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506064222.GK85186@sysoev.ru> On Fri, May 06, 2011 at 02:34:03AM -0400, stalkercn wrote: > http://www.toofiles.com/zh/rawfilesdownload-documents-log-nginx.html According to this log nginx uses 4k fastcgi_buffer_size. Could you show your configuration ? -- Igor Sysoev From igor at sysoev.ru Fri May 6 10:46:04 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 10:46:04 +0400 Subject: FastCGI server status In-Reply-To: References: Message-ID: <20110506064604.GL85186@sysoev.ru> On Thu, May 05, 2011 at 10:33:02PM -0300, Marcelo Cabral wrote: > Hello, > > I was wondering if I could monitor FastCGI responses (timers, success, > failures, round robin stats, etc...) with nginx? > Any hints on how I could get this info? Only by logging variables: $upstream_response_time $upstream_status $upstream_addr -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 10:52:54 2011 From: nginx-forum at nginx.us (stalkercn) Date: Fri, 06 May 2011 02:52:54 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <352f1144fc8d4f12c32877f9005f9439.NginxMailingListEnglish@forum.nginx.org> http://www.toofiles.com/zh/rawfilesdownload-documents-conf-nginx.html Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195996#msg-195996 From igor at sysoev.ru Fri May 6 10:59:36 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 10:59:36 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506065936.GM85186@sysoev.ru> On Fri, May 06, 2011 at 02:34:03AM -0400, stalkercn wrote: > http://www.toofiles.com/zh/rawfilesdownload-documents-log-nginx.html nginx does not merge locations as Apache does, so: location / { root /home/www; index index.php index.html; } location ~ \.php$ { root /home/www; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /home/www$fastcgi_script_name; include fastcgi_params; fastcgi_temp_file_write_size 10m; fastcgi_busy_buffers_size 512k; fastcgi_buffer_size 512k; fastcgi_buffers 16 512k; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_intercept_errors on; fastcgi_next_upstream error invalid_header timeout http_500; } -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 11:22:23 2011 From: nginx-forum at nginx.us (stalkercn) Date: Fri, 06 May 2011 03:22:23 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <352f1144fc8d4f12c32877f9005f9439.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> <352f1144fc8d4f12c32877f9005f9439.NginxMailingListEnglish@forum.nginx.org> Message-ID: <800b866ac3bd2851be3bd5dbc62e9c73.NginxMailingListEnglish@forum.nginx.org> ooh a foolish fault! But as seem as proxy mode,between two contiguous lines in the debug log,the time is 4-5 seconds,I dont know why? eg: 2011/05/06 15:14:10 [debug] 86514#0: *101 http upstream request: "/general/mytable/intel_view/index.php?" 2011/05/06 15:14:10 [debug] 86514#0: *101 http upstream dummy handler 2011/05/06 15:14:10 [debug] 86514#0: timer delta: 100 2011/05/06 15:14:10 [debug] 86514#0: posted events 0000000000000000 2011/05/06 15:14:10 [debug] 86514#0: worker cycle 2011/05/06 15:14:10 [debug] 86514#0: kevent timer: 299900, changes: 0 2011/05/06 15:14:14 [debug] 86514#0: kevent events: 1 2011/05/06 15:14:14 [debug] 86514#0: kevent: 8: ft:-1 fl:0020 ff:00000000 d:5816 ud:0000000801102150 2011/05/06 15:14:14 [debug] 86514#0: *101 http upstream request: "/general/mytable/intel_view/index.php?" 2011/05/06 15:14:14 [debug] 86514#0: *101 http upstream process header 2011/05/06 15:14:14 [debug] 86514#0: *101 malloc: 0000000801302000:524288 the full log: http://www.toofiles.com/zh/rawfilesdownload-documents-7z-nginx_log.html Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,195999#msg-195999 From igor at sysoev.ru Fri May 6 11:39:02 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 11:39:02 +0400 Subject: How to avoid "too big header" issue? In-Reply-To: <800b866ac3bd2851be3bd5dbc62e9c73.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> <352f1144fc8d4f12c32877f9005f9439.NginxMailingListEnglish@forum.nginx.org> <800b866ac3bd2851be3bd5dbc62e9c73.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506073902.GA98651@sysoev.ru> On Fri, May 06, 2011 at 03:22:23AM -0400, stalkercn wrote: > ooh a foolish fault! > But as seem as proxy mode,between two contiguous lines in the debug > log,the time is 4-5 seconds,I dont know why? > > eg: > 2011/05/06 15:14:10 [debug] 86514#0: *101 http upstream request: > "/general/mytable/intel_view/index.php?" > 2011/05/06 15:14:10 [debug] 86514#0: *101 http upstream dummy handler > 2011/05/06 15:14:10 [debug] 86514#0: timer delta: 100 > 2011/05/06 15:14:10 [debug] 86514#0: posted events 0000000000000000 > 2011/05/06 15:14:10 [debug] 86514#0: worker cycle > 2011/05/06 15:14:10 [debug] 86514#0: kevent timer: 299900, changes: 0 > 2011/05/06 15:14:14 [debug] 86514#0: kevent events: 1 > 2011/05/06 15:14:14 [debug] 86514#0: kevent: 8: ft:-1 fl:0020 > ff:00000000 d:5816 ud:0000000801102150 > 2011/05/06 15:14:14 [debug] 86514#0: *101 http upstream request: > "/general/mytable/intel_view/index.php?" > 2011/05/06 15:14:14 [debug] 86514#0: *101 http upstream process header > 2011/05/06 15:14:14 [debug] 86514#0: *101 malloc: > 0000000801302000:524288 > > the full log: > http://www.toofiles.com/zh/rawfilesdownload-documents-7z-nginx_log.html 7z format is certainly not the best way to pack report logs. There is old good gzip: it's enough. As to delay, it seems that is is PHP delay. -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 12:02:45 2011 From: nginx-forum at nginx.us (stalkercn) Date: Fri, 06 May 2011 04:02:45 -0400 Subject: How to avoid "too big header" issue? In-Reply-To: <800b866ac3bd2851be3bd5dbc62e9c73.NginxMailingListEnglish@forum.nginx.org> References: <12c7edea30d035b06c961d149e30db75.NginxMailingListEnglish@forum.nginx.org> <352f1144fc8d4f12c32877f9005f9439.NginxMailingListEnglish@forum.nginx.org> <800b866ac3bd2851be3bd5dbc62e9c73.NginxMailingListEnglish@forum.nginx.org> Message-ID: OK?I'll find out php problem,thanks anyway. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,192785,196007#msg-196007 From Richard.Kearsley at m247.com Fri May 6 13:37:12 2011 From: Richard.Kearsley at m247.com (Richard Kearsley) Date: Fri, 6 May 2011 09:37:12 +0000 Subject: aio info In-Reply-To: <20110505071212.GA36559@sysoev.ru> References: <20110505071212.GA36559@sysoev.ru> Message-ID: Is aio used while reading files from proxy_cache? I test aio on a file every 1s (it should be in ram buffers, so no disk io needed) Usually it takes 1ms (or lower), but sometimes it spikes to over a second if disks are really busy The max_aio_queue doesn't go above 3-4 during test Any ideas the cause of spikes? -----Original Message----- From: Igor Sysoev [mailto:igor at sysoev.ru] Sent: 05 May 2011 08:12 To: nginx at nginx.org Subject: Re: aio info On Thu, May 05, 2011 at 05:05:37AM +0000, Richard Kearsley wrote: > Hi > A lot of talk about AIO recently - I actually didn't know it existed before, so I am trying it on freebsd8 > > # sysctl -a | grep aio > kern.features.aio: 1 > vfs.aio.max_buf_aio: 16 > vfs.aio.max_aio_queue_per_proc: 256 > vfs.aio.max_aio_per_proc: 32 > vfs.aio.unloadable: 0 > vfs.aio.aiod_lifetime: 30000 > vfs.aio.aiod_timeout: 10000 > vfs.aio.num_buf_aio: 0 > vfs.aio.num_queue_count: 0 > vfs.aio.max_aio_queue: 1024 > vfs.aio.target_aio_procs: 4 > vfs.aio.num_aio_procs: 4 > vfs.aio.max_aio_procs: 32 > > Could anyone comment what these mean and how to go about tweaking for best performance (should any be increased?) $ sysctl -d vfs.aio vfs.aio: Async IO management vfs.aio.max_buf_aio: Maximum buf aio requests per process (stored in the process) vfs.aio.max_aio_queue_per_proc: Maximum queued aio requests per process (stored in the process) vfs.aio.max_aio_per_proc: Maximum active aio requests per process (stored in the process) vfs.aio.unloadable: Allow unload of aio (not recommended) vfs.aio.aiod_lifetime: Maximum lifetime for idle aiod vfs.aio.aiod_timeout: Timeout value for synchronous aio operations vfs.aio.num_buf_aio: Number of aio requests presently handled by the buf subsystem vfs.aio.num_queue_count: Number of queued aio requests vfs.aio.max_aio_queue: Maximum number of aio requests to queue, globally vfs.aio.target_aio_procs: Preferred number of ready kernel threads for async IO vfs.aio.num_aio_procs: Number of presently active kernel threads for async IO vfs.aio.max_aio_procs: Maximum number of kernel threads to use for handling async IO There are two types AIO operations inside FreeBSD kernel - raw file AIO (buf aio) and usual file AIO that uses in-kernel threads/processes. nginx uses only usual file AIO. Relevant sysctls are: vfs.aio.max_aio_queue: 1024 vfs.aio.max_aio_queue_per_proc: 256 vfs.aio.max_aio_per_proc: 32 vfs.aio.num_queue_count: 0 vfs.aio.max_aio_procs: 32 vfs.aio.target_aio_procs: 4 vfs.aio.num_aio_procs: 4 vfs.aio.aiod_lifetime: 30000 vfs.aio.aiod_timeout: 10000 You may want to increase vfs.aio.max_aio_procs vfs.aio.max_aio_queue vfs.aio.max_aio_queue_per_proc vfs.aio.max_aio_per_proc > Particularly.. vfs.aio.num_queue_count - does this monitor the amount of io waiting? Yes. -- Igor Sysoev _______________________________________________ nginx mailing list nginx at nginx.org http://nginx.org/mailman/listinfo/nginx From igor at sysoev.ru Fri May 6 14:50:17 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 14:50:17 +0400 Subject: aio info In-Reply-To: References: <20110505071212.GA36559@sysoev.ru> Message-ID: <20110506105017.GD3100@sysoev.ru> On Fri, May 06, 2011 at 09:37:12AM +0000, Richard Kearsley wrote: > Is aio used while reading files from proxy_cache? Yes, it works. For FreeBSD I recommend this settings: sendfile on; aio sendfile; tcp_nopush on; read_ahead 512k; > I test aio on a file every 1s (it should be in ram buffers, so no disk io needed) > Usually it takes 1ms (or lower), but sometimes it spikes to over a second if disks are really busy > The max_aio_queue doesn't go above 3-4 during test > Any ideas the cause of spikes? May be locks on VFS level. You can try this: open_file_cache max=5000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 3; -- Igor Sysoev From ionathan at gmail.com Fri May 6 15:01:27 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Fri, 6 May 2011 08:01:27 -0300 Subject: Virtualization Message-ID: Hey! I am trying to virtualize nginx in my own private cloud. Is there any special consideration regard configuration that I have to consider? Anyone did something similar? Regard throughput, anyone with some numbers to share? Thanks! Jonathan From Richard.Kearsley at m247.com Fri May 6 16:52:51 2011 From: Richard.Kearsley at m247.com (Richard Kearsley) Date: Fri, 6 May 2011 12:52:51 +0000 Subject: aio info In-Reply-To: <20110506105017.GD3100@sysoev.ru> References: <20110505071212.GA36559@sysoev.ru> <20110506105017.GD3100@sysoev.ru> Message-ID: Hi Many thanks for your help, it is much appreciated. I am still getting these pauses. They happen every 30 seconds on the dot. What could be running/locking every 30 seconds? System disk (ad4) incurs usage at this point, and this should not be being used (ad5 and ad6 are the cache disks) (note that I increased the valid/inactive times you exampled to 300s to rule that out) From igor at sysoev.ru Fri May 6 17:00:30 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 17:00:30 +0400 Subject: aio info In-Reply-To: References: <20110505071212.GA36559@sysoev.ru> <20110506105017.GD3100@sysoev.ru> Message-ID: <20110506130030.GE3100@sysoev.ru> On Fri, May 06, 2011 at 12:52:51PM +0000, Richard Kearsley wrote: > Hi > Many thanks for your help, it is much appreciated. > I am still getting these pauses. They happen every 30 seconds on the dot. > What could be running/locking every 30 seconds? System disk (ad4) incurs usage at this point, and this should not be being used (ad5 and ad6 are the cache disks) > (note that I increased the valid/inactive times you exampled to 300s to rule that out) Could you run "top -S" and "systat -v 1" at time near to these peaks ? -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 17:38:46 2011 From: nginx-forum at nginx.us (yellowbox9) Date: Fri, 06 May 2011 09:38:46 -0400 Subject: empty reply from server Message-ID: <4cd88446bdeea09b413fae442fa115e7.NginxMailingListEnglish@forum.nginx.org> I'm setting up a new nginx environment and I'm having issues with 404's. When I use curl to request a file that I know does not exist, nginx responds back with an empty reply.... I would prefer a 404 not found with the correct http status code. My config: user nobody; worker_processes 4; worker_rlimit_nofile 8192; events { worker_connections 4096; } http { include mime.types; default_type text/plain; log_format nn '$host $remote_addr - $remote_user [$time_local] ' '"$request" $status $bytes_sent ' '"$http_referer" "$http_user_agent"'; access_log /opt/nginx/logs/access.log nn; error_log /opt/nginx/logs/error.log; sendfile on; keepalive_timeout 0; server { listen 80 default; root /opt/nginx/html/; index index.html index.htm index.php index.php5; include /opt/nginx/conf/location_php.conf; } include /opt/nginx/conf/vhosts/*.conf; } The html root dir: bash> ls /opt/nginx/html/ 404.html 50x.html empty.html foobar index.html ping The curl request: curl -v http://localhost/index.html2 * About to connect() to localhost port 80 * Trying 127.0.0.1... connected * Connected to localhost (127.0.0.1) port 80 > GET /index.html2 HTTP/1.1 > User-Agent: curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 > Host: localhost > Accept: */* > * Empty reply from server * Connection #0 to host localhost left intact curl: (52) Empty reply from server * Closing connection #0 The access log: localhost 127.0.0.1 - - [06/May/2011:09:35:17 -0400] "GET /index.html2 HTTP/1.1" 200 0 "-" "curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5" - For some reason returning http status code 200? The error log: 2011/05/06 09:35:17 [error] 9879#0: *9312 open() "/opt/nginx/html/index.html2" failed (2: No such file or directory), client: 127.0.0.1, server: , request: "GET /index.html2 HTTP/1.1", host: "localhost" I don't understand what I'm doing wrong here... any thoughts? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196075,196075#msg-196075 From Richard.Kearsley at m247.com Fri May 6 17:49:58 2011 From: Richard.Kearsley at m247.com (Richard Kearsley) Date: Fri, 6 May 2011 13:49:58 +0000 Subject: aio info In-Reply-To: <20110506130030.GE3100@sysoev.ru> References: <20110505071212.GA36559@sysoev.ru> <20110506105017.GD3100@sysoev.ru> <20110506130030.GE3100@sysoev.ru> Message-ID: Hi Igor, Nothing stands out when looking at those stats (other than the disk %busy going from 50/60 straight up to 100). I.e. nothing is grabbing 100% cpu or something - there is barely 2% cpu usage and appears to drop during the 2-3 second lock period... Note that during my test, nginx is rebuilding the proxy_cache index (1,000,000's of files that it has to read from disk to build index after a restart) - does something happen with the cache manager process every 30 seconds during rebuild? From josh at joshparker.us Fri May 6 18:33:52 2011 From: josh at joshparker.us (Parker, Joshua) Date: Fri, 6 May 2011 10:33:52 -0400 Subject: Shared Hosting Message-ID: I have a dedicated server where i would like to offer shared hosting for WordPress multisite installs. What would be the best configuration for the virtual host files (more concerned with the server directive) since these sites will need to utilize dedicated IP's especially if they want to use domain mapping? Thanks for your help. -- Joshua Parker Church Management System - http://www.churchmember.us/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at ruby-forum.com Fri May 6 19:22:15 2011 From: lists at ruby-forum.com (John Travolota) Date: Fri, 06 May 2011 17:22:15 +0200 Subject: PHP virtual impossible on nginx? Message-ID: <6cba0fd16dce811389b4bbcabf054e5b@ruby-forum.com> It seems this is impossible on nginx,since php virtual is function attached to apache,but still posting this in hope how someone managed to make this work.For some reason a lot of scripts uses php virtual include instead just php include and that means they cant work on nginx unless i use SSI with SHTML extension.But i realy dont like SHTML extension plus i need to have support for SSI included on nginx configure for that,would rather use php extension if possible. -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Fri May 6 20:16:55 2011 From: nginx-forum at nginx.us (jfix) Date: Fri, 06 May 2011 12:16:55 -0400 Subject: trouble with forward proxying Message-ID: <4e5c2db6e47b5d013dfbb23fa21a4b8a.NginxMailingListEnglish@forum.nginx.org> Hello, I've looked far and wide but couldn't find an answer to my problem. Here's a quick description: an appserver must use the company's http proxy for outgoing http requests, but cannot be configured. So I (tried) set up nginx to act as a forward proxy, like this: server { listen 9099; resolver 10.102.10.14; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://proxy.example.org:80$scheme://$http_host$request_uri; } error_log /cygdrive/E/data/logs/forward-proxy-nginx-error.log debug; access_log /cygdrive/E/data/logs/forward-proxy-nginx-access.log combined buffer=32k; } I couldn't find any config examples where the parent proxy is used in the proxy_pass directive. It seems like there is no other way to specify the company proxy than to add it to the proxy_pass directive. The error message I get is this, apparently, nginx looks for a colon and takes the rest as the port number: 2011/05/06 18:01:32 [error] 2420#0: *1 invalid port in upstream "proxy.example.orghttp://www.google.com/", client: 127.0.0.1, server: , request: "GET http://www.google.com/ HTTP/1.1", host: "www.google.com" If I change the proxy_pass directive to proxy_pass http://proxy.example.org:80/$scheme://$http_host$request_uri; it's the parent proxy that complains that a URL cannot start with a / character: The following error was encountered while trying to retrieve the URL: /http://www.g oogle.com/ I'm at a loss how to continue. Could somebody please help? Thanks very much in advance, Jakob. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196115,196115#msg-196115 From lpr at dyb.fm Fri May 6 20:20:24 2011 From: lpr at dyb.fm (Felipe Teofilo) Date: Fri, 6 May 2011 13:20:24 -0300 Subject: 502 Bad Gateway Message-ID: <978247EE-13A0-40BA-9886-61802681B105@dyb.fm> Hello, How can i change 502 bad gateway from all my vhosts, to do a unique erro page? I want redirect to /var/html/www/errors/502/ I try put at vhost config, but some time it doesnt work. Thanks, Felipe aka lpr From edhoprima at gmail.com Fri May 6 20:31:06 2011 From: edhoprima at gmail.com (Edho P Arief) Date: Fri, 6 May 2011 23:31:06 +0700 Subject: trouble with forward proxying In-Reply-To: <4e5c2db6e47b5d013dfbb23fa21a4b8a.NginxMailingListEnglish@forum.nginx.org> References: <4e5c2db6e47b5d013dfbb23fa21a4b8a.NginxMailingListEnglish@forum.nginx.org> Message-ID: On Fri, May 6, 2011 at 11:16 PM, jfix wrote: > I'm at a loss how to continue. Could somebody please help? ?Thanks very > much in advance, Jakob. > I don't know, perhaps it's related with nginx's description? From nginx-forum at nginx.us Fri May 6 21:16:55 2011 From: nginx-forum at nginx.us (uid_b) Date: Fri, 06 May 2011 13:16:55 -0400 Subject: Long URLs cause nginx to hang Message-ID: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> Hey everyone, I'm having strange issues with _very_ long url's under Nginx 1.0.1 (also tested under 0.8.54). Certain URL's with a large number of GET parameters are failing. I wrote a quick test script which only prints 1 line (php), and added a massive GET parameter: https://test/test.php?blah=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa This causes Nginx to hang indefinitely, the client receives absolutely no data (verified by tcpdump). Though, if I cut the parameter in half, it loads instantly. Is there a configuration directive I need to tweak in order to handle these massive URL's? Thanks! Ben Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196131,196131#msg-196131 From nginx-forum at nginx.us Fri May 6 21:37:17 2011 From: nginx-forum at nginx.us (uid_b) Date: Fri, 06 May 2011 13:37:17 -0400 Subject: Long URLs cause nginx to hang In-Reply-To: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> References: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> Message-ID: update: to rule out fastcgi/php I ran the same test against a basic HTML file with the same GET parameter, same problem. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196131,196138#msg-196138 From igor at sysoev.ru Fri May 6 21:55:20 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 21:55:20 +0400 Subject: Long URLs cause nginx to hang In-Reply-To: References: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506175520.GB24743@sysoev.ru> On Fri, May 06, 2011 at 01:37:17PM -0400, uid_b wrote: > update: to rule out fastcgi/php I ran the same test against a basic HTML > file with the same GET parameter, same problem. Could you create a debug log of the HTML files request ? http://nginx.org/en/docs/debugging_log.html -- Igor Sysoev From igor at sysoev.ru Fri May 6 22:21:44 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 22:21:44 +0400 Subject: trouble with forward proxying In-Reply-To: <4e5c2db6e47b5d013dfbb23fa21a4b8a.NginxMailingListEnglish@forum.nginx.org> References: <4e5c2db6e47b5d013dfbb23fa21a4b8a.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506182144.GE24743@sysoev.ru> On Fri, May 06, 2011 at 12:16:55PM -0400, jfix wrote: > Hello, I've looked far and wide but couldn't find an answer to my > problem. > > Here's a quick description: an appserver must use the company's http > proxy for outgoing http requests, but cannot be configured. So I (tried) > set up nginx to act as a forward proxy, like this: > > server { > listen 9099; > resolver 10.102.10.14; > location / { > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header Host $http_host; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > > proxy_pass > http://proxy.example.org:80$scheme://$http_host$request_uri; > } > > error_log /cygdrive/E/data/logs/forward-proxy-nginx-error.log debug; > access_log /cygdrive/E/data/logs/forward-proxy-nginx-access.log > combined buffer=32k; > } > > I couldn't find any config examples where the parent proxy is used in > the proxy_pass directive. > > It seems like there is no other way to specify the company proxy than to > add it to the proxy_pass directive. > > The error message I get is this, apparently, nginx looks for a colon and > takes the rest as the port number: > > 2011/05/06 18:01:32 [error] 2420#0: *1 invalid port in upstream > "proxy.example.orghttp://www.google.com/", client: 127.0.0.1, server: , > request: "GET http://www.google.com/ HTTP/1.1", host: "www.google.com" > > If I change the proxy_pass directive to > > proxy_pass > http://proxy.example.org:80/$scheme://$http_host$request_uri; > > it's the parent proxy that complains that a URL cannot start with a / > character: > > The following error was encountered while trying to retrieve the URL: href="/http://www.google.com/">/http://www.g > oogle.com/ > > I'm at a loss how to continue. Could somebody please help? Thanks very > much in advance, Jakob. nginx is not intended to run as a forward proxy. -- Igor Sysoev From igor at sysoev.ru Fri May 6 22:30:36 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 22:30:36 +0400 Subject: 502 Bad Gateway In-Reply-To: <978247EE-13A0-40BA-9886-61802681B105@dyb.fm> References: <978247EE-13A0-40BA-9886-61802681B105@dyb.fm> Message-ID: <20110506183036.GA30428@sysoev.ru> On Fri, May 06, 2011 at 01:20:24PM -0300, Felipe Teofilo wrote: > Hello, > > > How can i change 502 bad gateway from all my vhosts, to do a unique erro page? > > > I want redirect to /var/html/www/errors/502/ > > > I try put at vhost config, but some time it doesnt work. error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/html/www/errors/502/; } -- Igor Sysoev From Brian.Akins at turner.com Fri May 6 22:46:49 2011 From: Brian.Akins at turner.com (Akins, Brian) Date: Fri, 06 May 2011 14:46:49 -0400 Subject: Lua pcre inside nginx In-Reply-To: <4DC21B59.4010309@gmail.com> Message-ID: On 5/4/11 11:36 PM, "Chaos Wang" wrote: > ngx_lua has fixed this problem, and can use pcre related extensions > normally after v0.1.6rc5. Thanks. Seems to work now. -- Brian Akins From nginx-forum at nginx.us Fri May 6 22:52:43 2011 From: nginx-forum at nginx.us (TECK) Date: Fri, 06 May 2011 14:52:43 -0400 Subject: MySQL and Nginx mystery Message-ID: <371f900423de05e1a7d49f9888dcfe64.NginxMailingListEnglish@forum.nginx.org> Hi all, I have set a fastcgi upstream into Nginx configuration: upstream fastcgi { ip_hash; server 192.168.0.2:9000; server 192.168.0.3:9000; server 192.168.0.4:9000; } Everything works perfect, except when I try to connect to MySQL, using PHP. $server = '192.168.0.40'; $username = 'tester'; $password = 'password'; mysql_connect($server, $username, $password); I get a connection error telling me that I cannot connect to MySQL using 192.168.0.2! (or whatever server I'm on it at that specific moment) Current setup: 3 web servers, 2 set with heartbeat, nginx as start service 2 db servers, set with heartbeat and DRBD, mysqld as start service Is there a header that I need to set into Nginx or this is a network configuration issue that I need to alert the host guys about? I did set the bind-address in my.cnf to 192.168.0.40 ip. Thanks for your help. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196165,196165#msg-196165 From nginx-forum at nginx.us Fri May 6 22:56:10 2011 From: nginx-forum at nginx.us (uid_b) Date: Fri, 06 May 2011 14:56:10 -0400 Subject: Long URLs cause nginx to hang In-Reply-To: References: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> Message-ID: <9383ec9105c69a6fb02fbfbd183e9af9.NginxMailingListEnglish@forum.nginx.org> I get 2 different outputs, depending on whether the connection is SSL or not Non-SSL: 2011/05/06 12:52:44 [debug] 13267#0: *48 accept: 192.168.10.21 fd:3 2011/05/06 12:52:44 [debug] 13267#0: *48 event timer add: 3: 120000:1304708084457 2011/05/06 12:52:44 [debug] 13267#0: *48 epoll add event: fd:3 op:1 ev:80000001 SSL: 2011/05/06 12:48:49 [debug] 12804#0: *16 accept: 192.168.10.21 fd:3 2011/05/06 12:48:49 [debug] 12804#0: *16 event timer add: 3: 120000:1304707849612 2011/05/06 12:48:49 [debug] 12804#0: *16 epoll add event: fd:3 op:1 ev:80000001 2011/05/06 12:48:49 [debug] 12804#0: *16 malloc: 0000000001440680:1296 2011/05/06 12:48:49 [debug] 12804#0: *16 posix_memalign: 000000000138BEB0:256 @16 2011/05/06 12:48:49 [debug] 12804#0: *16 malloc: 0000000001229710:1024 2011/05/06 12:48:49 [debug] 12804#0: *16 posix_memalign: 000000000151E9E0:4096 @16 2011/05/06 12:48:49 [debug] 12804#0: *16 http check ssl handshake 2011/05/06 12:48:49 [debug] 12804#0: *16 https ssl handshake: 0x16 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL server name: "seismo" 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL_do_handshake: -1 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL_get_error: 2 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL handshake handler: 0 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL_do_handshake: 1 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL: TLSv1, cipher: "DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1" 2011/05/06 12:48:49 [debug] 12804#0: *16 http process request line 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL_read: -1 2011/05/06 12:48:49 [debug] 12804#0: *16 SSL_get_error: 2 If I remove the massive GET parameter: 2011/05/06 12:54:09 [debug] 13267#0: *69 accept: 192.168.10.21 fd:17 2011/05/06 12:54:09 [debug] 13267#0: *69 event timer add: 17: 120000:1304708169332 2011/05/06 12:54:09 [debug] 13267#0: *69 epoll add event: fd:17 op:1 ev:80000001 2011/05/06 12:54:09 [debug] 13267#0: *69 malloc: 00000000019EEE70:1296 2011/05/06 12:54:09 [debug] 13267#0: *69 posix_memalign: 0000000001B9B460:256 @16 2011/05/06 12:54:09 [debug] 13267#0: *69 malloc: 00000000019E0710:1024 2011/05/06 12:54:09 [debug] 13267#0: *69 posix_memalign: 0000000001C0AA40:4096 @16 2011/05/06 12:54:09 [debug] 13267#0: *69 http process request line 2011/05/06 12:54:09 [debug] 13267#0: *69 recv: fd:17 645 of 1024 2011/05/06 12:54:09 [debug] 13267#0: *69 http request line: "GET /test.html HTTP/1.1" 2011/05/06 12:54:09 [debug] 13267#0: *69 http uri: "/test.html" 2011/05/06 12:54:09 [debug] 13267#0: *69 http args: "" 2011/05/06 12:54:09 [debug] 13267#0: *69 http exten: "html" 2011/05/06 12:54:09 [debug] 13267#0: *69 http process request header line 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Host: seismo" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Accept-Language: en-us,en;q=0.5" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Accept-Encoding: gzip, deflate" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Keep-Alive: 115" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Connection: keep-alive" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Cookie: PHPSESSID=l3a89kpj6j0es6qbkkf1nd1p80; __utma=16576436.82209771.1304707931.1304707931.1304707931.1; __utmb=16576436.2.10.1304707931; __utmc=16576436; __utmz=16576436.1304707931.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "If-Modified-Since: Fri, 06 May 2011 18:36:06 GMT" 2011/05/06 12:54:09 [debug] 13267#0: *69 http header done 2011/05/06 12:54:09 [debug] 13267#0: *69 event timer del: 17: 1304708169332 2011/05/06 12:54:09 [debug] 13267#0: *69 generic phase: 0 2011/05/06 12:54:09 [debug] 13267#0: *69 rewrite phase: 1 2011/05/06 12:54:09 [debug] 13267#0: *69 test location: "/" 2011/05/06 12:54:09 [debug] 13267#0: *69 test location: ~ "\.php" 2011/05/06 12:54:09 [debug] 13267#0: *69 test location: ~ "/\.ht" 2011/05/06 12:54:09 [debug] 13267#0: *69 using configuration "/sparkle" 2011/05/06 12:54:09 [debug] 13267#0: *69 http cl:-1 max:10485760 2011/05/06 12:54:09 [debug] 13267#0: *69 rewrite phase: 3 2011/05/06 12:54:09 [debug] 13267#0: *69 post rewrite phase: 4 2011/05/06 12:54:09 [debug] 13267#0: *69 generic phase: 5 2011/05/06 12:54:09 [debug] 13267#0: *69 generic phase: 6 2011/05/06 12:54:09 [debug] 13267#0: *69 generic phase: 7 2011/05/06 12:54:09 [debug] 13267#0: *69 access phase: 8 2011/05/06 12:54:09 [debug] 13267#0: *69 access phase: 9 2011/05/06 12:54:09 [debug] 13267#0: *69 post access phase: 10 2011/05/06 12:54:09 [debug] 13267#0: *69 try files phase: 11 2011/05/06 12:54:09 [debug] 13267#0: *69 http script var: "/test.html" 2011/05/06 12:54:09 [debug] 13267#0: *69 try to use file: "/test.html" "/var/www/test.html" 2011/05/06 12:54:09 [debug] 13267#0: *69 try file uri: "/test.html" 2011/05/06 12:54:09 [debug] 13267#0: *69 content phase: 12 2011/05/06 12:54:09 [debug] 13267#0: *69 content phase: 13 2011/05/06 12:54:09 [debug] 13267#0: *69 content phase: 14 2011/05/06 12:54:09 [debug] 13267#0: *69 content phase: 15 2011/05/06 12:54:09 [debug] 13267#0: *69 content phase: 16 2011/05/06 12:54:09 [debug] 13267#0: *69 http filename: "/var/www/test.html" 2011/05/06 12:54:09 [debug] 13267#0: *69 add cleanup: 0000000001C0B638 2011/05/06 12:54:09 [debug] 13267#0: *69 http static fd: 18 2011/05/06 12:54:09 [debug] 13267#0: *69 http set discard body 2011/05/06 12:54:09 [debug] 13267#0: *69 http ims:1304706966 lm:1304706966 2011/05/06 12:54:09 [debug] 13267#0: *69 HTTP/1.1 304 Not Modified Server: nginx Date: Fri, 06 May 2011 18:54:09 GMT Last-Modified: Fri, 06 May 2011 18:36:06 GMT Connection: keep-alive 2011/05/06 12:54:09 [debug] 13267#0: *69 write new buf t:1 f:0 0000000001C0B7D0, pos 0000000001C0B7D0, size: 151 file: 0, size: 0 2011/05/06 12:54:09 [debug] 13267#0: *69 http write filter: l:1 f:0 s:151 2011/05/06 12:54:09 [debug] 13267#0: *69 http write filter limit 0 2011/05/06 12:54:09 [debug] 13267#0: *69 writev: 151 2011/05/06 12:54:09 [debug] 13267#0: *69 http write filter 0000000000000000 2011/05/06 12:54:09 [debug] 13267#0: *69 http finalize request: 0, "/sparkle/test.html?" a:1, c:1 2011/05/06 12:54:09 [debug] 13267#0: *69 set http keepalive handler 2011/05/06 12:54:09 [debug] 13267#0: *69 http close request 2011/05/06 12:54:09 [debug] 13267#0: *69 http log handler 2011/05/06 12:54:09 [debug] 13267#0: *69 run cleanup: 0000000001C0B638 2011/05/06 12:54:09 [debug] 13267#0: *69 file cleanup: fd:18 2011/05/06 12:54:09 [debug] 13267#0: *69 free: 0000000001C0AA40, unused: 273 2011/05/06 12:54:09 [debug] 13267#0: *69 event timer add: 17: 2000:1304708051332 2011/05/06 12:54:09 [debug] 13267#0: *69 free: 00000000019EEE70 2011/05/06 12:54:09 [debug] 13267#0: *69 free: 00000000019E0710 2011/05/06 12:54:09 [debug] 13267#0: *69 hc free: 0000000000000000 0 2011/05/06 12:54:09 [debug] 13267#0: *69 hc busy: 0000000000000000 0 2011/05/06 12:54:09 [debug] 13267#0: *69 tcp_nodelay 2011/05/06 12:54:09 [debug] 13267#0: *69 reusable connection: 1 2011/05/06 12:54:09 [debug] 13267#0: *69 post event 00000000019EE768 2011/05/06 12:54:09 [debug] 13267#0: *69 delete posted event 00000000019EE768 2011/05/06 12:54:09 [debug] 13267#0: *69 http keepalive handler 2011/05/06 12:54:09 [debug] 13267#0: *69 malloc: 00000000019E0710:1024 2011/05/06 12:54:09 [debug] 13267#0: *69 recv: fd:17 -1 of 1024 2011/05/06 12:54:09 [debug] 13267#0: *69 recv() not ready (11: Resource temporarily unavailable) 2011/05/06 12:54:11 [debug] 13267#0: *69 event timer del: 17: 1304708051332 2011/05/06 12:54:11 [debug] 13267#0: *69 http keepalive handler 2011/05/06 12:54:11 [debug] 13267#0: *69 close http connection: 17 2011/05/06 12:54:11 [debug] 13267#0: *69 reusable connection: 0 2011/05/06 12:54:11 [debug] 13267#0: *69 free: 00000000019E0710 2011/05/06 12:54:11 [debug] 13267#0: *69 free: 0000000000000000 2011/05/06 12:54:11 [debug] 13267#0: *69 free: 0000000001B9AC50, unused: 8 2011/05/06 12:54:11 [debug] 13267#0: *69 free: 0000000001B9B460, unused: 128 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196131,196167#msg-196167 From igor at sysoev.ru Fri May 6 23:00:10 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 23:00:10 +0400 Subject: Long URLs cause nginx to hang In-Reply-To: <9383ec9105c69a6fb02fbfbd183e9af9.NginxMailingListEnglish@forum.nginx.org> References: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> <9383ec9105c69a6fb02fbfbd183e9af9.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506190009.GC30428@sysoev.ru> On Fri, May 06, 2011 at 02:56:10PM -0400, uid_b wrote: > I get 2 different outputs, depending on whether the connection is SSL or > not > 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "User-Agent: > Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" > 2011/05/06 12:54:09 [debug] 13267#0: *69 http header: "Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" Did you try other browser ? -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 23:14:22 2011 From: nginx-forum at nginx.us (uid_b) Date: Fri, 06 May 2011 15:14:22 -0400 Subject: Long URLs cause nginx to hang In-Reply-To: <20110506190009.GC30428@sysoev.ru> References: <20110506190009.GC30428@sysoev.ru> Message-ID: Igor Sysoev Wrote: ------------------------------------------------------- > Did you try other browser ? Yes, same message from both Firefox 4.0.1 and Chrome 11.0 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196131,196171#msg-196171 From igor at sysoev.ru Fri May 6 23:27:28 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 23:27:28 +0400 Subject: Long URLs cause nginx to hang In-Reply-To: <9383ec9105c69a6fb02fbfbd183e9af9.NginxMailingListEnglish@forum.nginx.org> References: <16d8c9361e848788e6d2e07ecc8596db.NginxMailingListEnglish@forum.nginx.org> <9383ec9105c69a6fb02fbfbd183e9af9.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506192728.GD30428@sysoev.ru> On Fri, May 06, 2011 at 02:56:10PM -0400, uid_b wrote: > I get 2 different outputs, depending on whether the connection is SSL or > not > > Non-SSL: > 2011/05/06 12:52:44 [debug] 13267#0: *48 accept: 192.168.10.21 fd:3 > 2011/05/06 12:52:44 [debug] 13267#0: *48 event timer add: 3: > 120000:1304708084457 > 2011/05/06 12:52:44 [debug] 13267#0: *48 epoll add event: fd:3 op:1 > ev:80000001 nginx does not receive any data and it should close connection after 120s. Did you run tcpdump on server side ? -- Igor Sysoev From nginx-forum at nginx.us Fri May 6 23:39:50 2011 From: nginx-forum at nginx.us (uid_b) Date: Fri, 06 May 2011 15:39:50 -0400 Subject: Long URLs cause nginx to hang In-Reply-To: References: <20110506190009.GC30428@sysoev.ru> Message-ID: This appears to be an issue with our VPN, I have no idea why everything works except for massive URL's but I don't think it's related to nginx in any way. Thanks for your help! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196131,196177#msg-196177 From nginx-forum at nginx.us Fri May 6 23:50:08 2011 From: nginx-forum at nginx.us (TECK) Date: Fri, 06 May 2011 15:50:08 -0400 Subject: MySQL and Nginx mystery In-Reply-To: <371f900423de05e1a7d49f9888dcfe64.NginxMailingListEnglish@forum.nginx.org> References: <371f900423de05e1a7d49f9888dcfe64.NginxMailingListEnglish@forum.nginx.org> Message-ID: <1644bcfa3d142f1496577fc567ace985.NginxMailingListEnglish@forum.nginx.org> What I actually try to do is: force Nginx to show one IP to the MySQL server, no matter on what server the user is. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196165,196181#msg-196181 From igor at sysoev.ru Fri May 6 23:51:58 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Fri, 6 May 2011 23:51:58 +0400 Subject: Long URLs cause nginx to hang In-Reply-To: References: <20110506190009.GC30428@sysoev.ru> Message-ID: <20110506195158.GA40054@sysoev.ru> On Fri, May 06, 2011 at 03:39:50PM -0400, uid_b wrote: > This appears to be an issue with our VPN, I have no idea why everything > works except for massive URL's but I don't think it's related to nginx > in any way. Try to search for "path mtu discovery vpn". -- Igor Sysoev From francis at daoine.org Sat May 7 01:06:26 2011 From: francis at daoine.org (Francis Daly) Date: Fri, 6 May 2011 22:06:26 +0100 Subject: MySQL and Nginx mystery In-Reply-To: <1644bcfa3d142f1496577fc567ace985.NginxMailingListEnglish@forum.nginx.org> References: <371f900423de05e1a7d49f9888dcfe64.NginxMailingListEnglish@forum.nginx.org> <1644bcfa3d142f1496577fc567ace985.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110506210626.GD12564@craic.sysops.org> On Fri, May 06, 2011 at 03:50:08PM -0400, TECK wrote: Hi there, > What I actually try to do is: force Nginx to show one IP to the MySQL > server, no matter on what server the user is. In your setup, nginx isn't talking to mysql at all. It's the fastcgi server that runs the php code that connects to mysql. So you'll want to look there for the resolution. Good luck, f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Sat May 7 16:49:43 2011 From: nginx-forum at nginx.us (bluescreen303) Date: Sat, 07 May 2011 08:49:43 -0400 Subject: proxy caching Message-ID: <4c8ed01f5f8401ff4d3e3634bc42488a.NginxMailingListEnglish@forum.nginx.org> Hi all, I would like to use nginx to cache some responses from my backends. There are basically 2 types of responses I would like to cache. - public images that never expire - private content The first one was easy, got that working already. Since my application uses timestamps in the html when referring to images, changes to them will be instantly picked up. The second one is way harder. Responses can become quite large (1 upto 10Mb). My backend application is putting etags on the responses so it can return 304s if nothing changed. Also, it puts a 5min max-age cache-control on it, Lastly, responses are marked private, because they are behind http basic authentication (handled by the backend app). What I would like nginx to do is the following: It should store the first response for a certain url, using the current http auth in the key (so it won't accidentally become publicly available). If a second request comes in for the same url with the same http auth within 5 minutes: serve from cache. If a second request comes in for the same url with the same http auth _after_ 5 mintutes: ask backend using the if-not-modified header. - if modified, store the new response. - if 304 not modified, respond from cache, update cache to be valid for 5 minutes again. If a request comes in for the same url but with other http auth: ignore cache and ask backend. The http auth stuff seems solvable by using the http auth in the cache_key. The other 2 things I would like to solve are: - I can't find clear info about nginx's handling of etag and if-not-modified. Will it work as described above out-of-the-box? It's especially important that nginx uses if-not-modified when querying the backend, even if the client request itself didn't contain it. Ofcourse if the client request did include it, it should receive a nice 304 too. - The backend sends Cache-Control: private for these responses. I would like nginx to cache them though. Ignoring the Cache-Control header doesn't seem to work (because without cache-control at all, caching seems disabled) Another option might be to have the backend set cache-control to public and have nginx set it back to private, but that sounds a bit hacky. Does anyone have any suggestions about how to proceed? Thanks a lot! Mathijs Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196280,196280#msg-196280 From mdounin at mdounin.ru Sun May 8 02:34:23 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 8 May 2011 02:34:23 +0400 Subject: empty reply from server In-Reply-To: <4cd88446bdeea09b413fae442fa115e7.NginxMailingListEnglish@forum.nginx.org> References: <4cd88446bdeea09b413fae442fa115e7.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110507223423.GC42265@mdounin.ru> Hello! On Fri, May 06, 2011 at 09:38:46AM -0400, yellowbox9 wrote: > I'm setting up a new nginx environment and I'm having issues with 404's. > When I use curl to request a file that I know does not exist, nginx > responds back with an empty reply.... I would prefer a 404 not found > with the correct http status code. You will be surprised, but nginx returns 404 in such cases by default. > My config: > > user nobody; > worker_processes 4; > worker_rlimit_nofile 8192; > events > { > worker_connections 4096; > } > > http > { > include mime.types; > default_type text/plain; > log_format nn '$host $remote_addr - $remote_user [$time_local] > ' '"$request" $status $bytes_sent ' '"$http_referer" > "$http_user_agent"'; > access_log /opt/nginx/logs/access.log nn; > error_log /opt/nginx/logs/error.log; It's good idea to specify error_log at *global* level, not http. When defined at http level it will be only used for http-related problems, but not for generic problems. E.g. with your config information about abnormally terminated workers won't reach error_log you specified, but will go to compiled-in default error log instead. > sendfile on; > keepalive_timeout 0; > server > { > listen 80 default; > root /opt/nginx/html/; > index index.html index.htm index.php index.php5; > include /opt/nginx/conf/location_php.conf; Please show contents of the included file. > } > include /opt/nginx/conf/vhosts/*.conf; And please show contents of these includes, if there are any. > } > > The html root dir: > > bash> ls /opt/nginx/html/ > 404.html 50x.html empty.html foobar index.html ping > > The curl request: > > curl -v http://localhost/index.html2 > * About to connect() to localhost port 80 > * Trying 127.0.0.1... connected > * Connected to localhost (127.0.0.1) port 80 > > GET /index.html2 HTTP/1.1 > > User-Agent: curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 > OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 > > Host: localhost > > Accept: */* > > > * Empty reply from server > * Connection #0 to host localhost left intact > curl: (52) Empty reply from server > * Closing connection #0 > > The access log: > localhost 127.0.0.1 - - [06/May/2011:09:35:17 -0400] "GET /index.html2 > HTTP/1.1" 200 0 "-" "curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 > OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5" - For some reason returning http > status code 200? > > The error log: > 2011/05/06 09:35:17 [error] 9879#0: *9312 open() > "/opt/nginx/html/index.html2" failed (2: No such file or directory), > client: 127.0.0.1, server: , request: "GET /index.html2 HTTP/1.1", host: > "localhost" > > I don't understand what I'm doing wrong here... any thoughts? Empty response indicate either "return 444" somewhere in your config or some error occured (and it's impossible to return error to the client). Status 200 in your access log indicate that your set some error_page processing somewhere in your config. It's impossible to say anything for sure from information you provided (basically there is no full error log, and no full config), but I assume you did something like error_page 404 =200 /error; location /error { return 444; } which will lead to the exactly the same results as you described. Maxim Dounin From mdounin at mdounin.ru Sun May 8 03:29:31 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 8 May 2011 03:29:31 +0400 Subject: proxy caching In-Reply-To: <4c8ed01f5f8401ff4d3e3634bc42488a.NginxMailingListEnglish@forum.nginx.org> References: <4c8ed01f5f8401ff4d3e3634bc42488a.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110507232930.GD42265@mdounin.ru> Hello! On Sat, May 07, 2011 at 08:49:43AM -0400, bluescreen303 wrote: > Hi all, > > I would like to use nginx to cache some responses from my backends. > There are basically 2 types of responses I would like to cache. > > - public images that never expire > - private content > > The first one was easy, got that working already. Since my application > uses timestamps in the html when referring to images, changes to them > will be instantly picked up. > > The second one is way harder. > Responses can become quite large (1 upto 10Mb). > My backend application is putting etags on the responses so it can > return 304s if nothing changed. > Also, it puts a 5min max-age cache-control on it, > Lastly, responses are marked private, because they are behind http basic > authentication (handled by the backend app). > > What I would like nginx to do is the following: > It should store the first response for a certain url, using the current > http auth in the key (so it won't accidentally become publicly > available). > If a second request comes in for the same url with the same http auth > within 5 minutes: serve from cache. > If a second request comes in for the same url with the same http auth > _after_ 5 mintutes: ask backend using the if-not-modified header. > - if modified, store the new response. > - if 304 not modified, respond from cache, update cache to be valid for > 5 minutes again. > If a request comes in for the same url but with other http auth: ignore > cache and ask backend. > > The http auth stuff seems solvable by using the http auth in the > cache_key. > The other 2 things I would like to solve are: > > - I can't find clear info about nginx's handling of etag and > if-not-modified. Will it work as described above out-of-the-box? > It's especially important that nginx uses if-not-modified when querying > the backend, even if the client request itself didn't contain it. > Ofcourse if the client request did include it, it should receive a nice > 304 too. Right now nginx can't use conditional requests to refresh cache. > - The backend sends Cache-Control: private for these responses. I would > like nginx to cache them though. > Ignoring the Cache-Control header doesn't seem to work (because without > cache-control at all, caching seems disabled) > Another option might be to have the backend set cache-control to public > and have nginx set it back to private, but that sounds a bit hacky. Solution is to ignore Cache-Control header and enable caching explicitly with proxy_cache_valid directive. Maxim Dounin From luky-37 at hotmail.com Sun May 8 20:17:11 2011 From: luky-37 at hotmail.com (Lukas Tribus) Date: Sun, 8 May 2011 18:17:11 +0200 Subject: proxy caching In-Reply-To: <20110507232930.GD42265@mdounin.ru> References: <4c8ed01f5f8401ff4d3e3634bc42488a.NginxMailingListEnglish@forum.nginx.org>, <20110507232930.GD42265@mdounin.ru> Message-ID: Hi, give varnish [1] a look, its probably better suited for such a scenario. [1] http://www.varnish-cache.org/ > Date: Sun, 8 May 2011 03:29:31 +0400 > From: mdounin at mdounin.ru > To: nginx at nginx.org > Subject: Re: proxy caching > > Hello! > > On Sat, May 07, 2011 at 08:49:43AM -0400, bluescreen303 wrote: > > > Hi all, > > > > I would like to use nginx to cache some responses from my backends. > > There are basically 2 types of responses I would like to cache. > > > > - public images that never expire > > - private content > > > > The first one was easy, got that working already. Since my application > > uses timestamps in the html when referring to images, changes to them > > will be instantly picked up. > > > > The second one is way harder. > > Responses can become quite large (1 upto 10Mb). > > My backend application is putting etags on the responses so it can > > return 304s if nothing changed. > > Also, it puts a 5min max-age cache-control on it, > > Lastly, responses are marked private, because they are behind http basic > > authentication (handled by the backend app). > > > > What I would like nginx to do is the following: > > It should store the first response for a certain url, using the current > > http auth in the key (so it won't accidentally become publicly > > available). > > If a second request comes in for the same url with the same http auth > > within 5 minutes: serve from cache. > > If a second request comes in for the same url with the same http auth > > _after_ 5 mintutes: ask backend using the if-not-modified header. > > - if modified, store the new response. > > - if 304 not modified, respond from cache, update cache to be valid for > > 5 minutes again. > > If a request comes in for the same url but with other http auth: ignore > > cache and ask backend. > > > > The http auth stuff seems solvable by using the http auth in the > > cache_key. > > The other 2 things I would like to solve are: > > > > - I can't find clear info about nginx's handling of etag and > > if-not-modified. Will it work as described above out-of-the-box? > > It's especially important that nginx uses if-not-modified when querying > > the backend, even if the client request itself didn't contain it. > > Ofcourse if the client request did include it, it should receive a nice > > 304 too. > > Right now nginx can't use conditional requests to refresh cache. > > > - The backend sends Cache-Control: private for these responses. I would > > like nginx to cache them though. > > Ignoring the Cache-Control header doesn't seem to work (because without > > cache-control at all, caching seems disabled) > > Another option might be to have the backend set cache-control to public > > and have nginx set it back to private, but that sounds a bit hacky. > > Solution is to ignore Cache-Control header and enable caching > explicitly with proxy_cache_valid directive. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun May 8 23:15:28 2011 From: nginx-forum at nginx.us (zildjohn01) Date: Sun, 08 May 2011 15:15:28 -0400 Subject: nginx silently drops response body of POST depending on its length Message-ID: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> I've come across an incredibly weird problem with POST responses using nginx 1.0.1 and uWSGI 0.9.7.2 on CentOS 5.6. uWSGI successfully sends the response body to nginx, but nginx seems to ignore it if both (1) the request method is POST, and (2) the response length is less than 4052 bytes. The issue doesn't occur when serving directly using `uwsgi --http`, so I'm pretty sure the problem is something to do with nginx. To explain things in code, this Python results in the desired response: ....def app_uwsgi(environ, start_response): ........start_response('200 OK', [('Content-type', 'text/html')]) ........return [b'x' * 4052] while this results in zero bytes being sent to the client for POST requests: ....def app_uwsgi(environ, start_response): ........start_response('200 OK', [('Content-type', 'text/html')]) ........return [b'x' * 4051] I stripped down to a minimal nginx.conf, and the issue still occurs: ....events { ........worker_connections 1024; ....} ....http { ........upstream uwsgi_connect { ............server 127.0.0.1:39275; ........} ........server { ............listen 20101; ............server_name domain.net; ............location / { ................uwsgi_pass uwsgi_connect; ................include uwsgi_params; ............} ........} ....} Does anyone have any clue what could be causing this behavior? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196581,196581#msg-196581 From nginx-forum at nginx.us Mon May 9 07:12:29 2011 From: nginx-forum at nginx.us (bigplum) Date: Sun, 08 May 2011 23:12:29 -0400 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: <20110504211549.GL32595@reaktio.net> References: <20110504211549.GL32595@reaktio.net> Message-ID: If we set proxy_store and proxy_cache to off, will nginx cache uploaded files? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,195656,196629#msg-196629 From roberto at unbit.it Mon May 9 09:41:42 2011 From: roberto at unbit.it (Roberto De Ioris) Date: Mon, 9 May 2011 07:41:42 +0200 (CEST) Subject: nginx silently drops response body of POST depending on its length In-Reply-To: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx. org> References: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> Message-ID: > I've come across an incredibly weird problem with POST responses using > nginx 1.0.1 and uWSGI 0.9.7.2 on CentOS 5.6. > > uWSGI successfully sends the response body to nginx, but nginx seems to > ignore it if both (1) the request method is POST, and (2) the response > length is less than 4052 bytes. The issue doesn't occur when serving > directly using `uwsgi --http`, so I'm pretty sure the problem is > something to do with nginx. > > To explain things in code, this Python results in the desired response: > > ....def app_uwsgi(environ, start_response): > ........start_response('200 OK', [('Content-type', 'text/html')]) > ........return [b'x' * 4052] > > while this results in zero bytes being sent to the client for POST > requests: > > ....def app_uwsgi(environ, start_response): > ........start_response('200 OK', [('Content-type', 'text/html')]) > ........return [b'x' * 4051] > > I stripped down to a minimal nginx.conf, and the issue still occurs: > > ....events { > ........worker_connections 1024; > ....} > > ....http { > ........upstream uwsgi_connect { > ............server 127.0.0.1:39275; > ........} > > ........server { > ............listen 20101; > ............server_name domain.net; > > ............location / { > ................uwsgi_pass uwsgi_connect; > ................include uwsgi_params; > ............} > ........} > ....} > > Be sure to read POST body in your WSGI app if Content-Length > 0, otherwise your socket queue will get clobbered (nginx will receive a close when there is still data available in the queue) -- Roberto De Ioris http://unbit.it From jeffrpang at gmail.com Mon May 9 10:18:09 2011 From: jeffrpang at gmail.com (Jeff Pang) Date: Mon, 9 May 2011 14:18:09 +0800 Subject: server_name for https Message-ID: Hello, Since HTTPS doesn't support vhost, shall we have the need to put the server_name command in the server section? for example, server { listen 443; server_name xxx.example.com; .... } Thanks. -- Jeff Pang www.DNSbed.com From pasik at iki.fi Mon May 9 10:34:07 2011 From: pasik at iki.fi (Pasi =?iso-8859-1?Q?K=E4rkk=E4inen?=) Date: Mon, 9 May 2011 09:34:07 +0300 Subject: nginx proxying do not locally save/buffer uploaded files? In-Reply-To: References: <20110504211549.GL32595@reaktio.net> Message-ID: <20110509063407.GZ32595@reaktio.net> On Sun, May 08, 2011 at 11:12:29PM -0400, bigplum wrote: > If we set proxy_store and proxy_cache to off, will nginx cache uploaded > files? > proxy_cache only mentions "backend" .. so I think it's not for uploads.. -- Pasi From cedric.jeanneret at camptocamp.com Mon May 9 11:06:27 2011 From: cedric.jeanneret at camptocamp.com (Cedric Jeanneret) Date: Mon, 9 May 2011 09:06:27 +0200 Subject: server_name for https In-Reply-To: References: Message-ID: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> On Mon, 9 May 2011 14:18:09 +0800 Jeff Pang wrote: > Hello, > > Since HTTPS doesn't support vhost, shall we have the need to put the > server_name command in the server section? for example, > > server { > listen 443; > server_name xxx.example.com; > .... > } > > Thanks. > > o_O since when does HTTPS not support vhosts ? the only problem is when having multiple SSL vhosts on the same IP - the certificate has to cover all those vhosts. To answer your question, you shall provide: server_name $_; it's the default vhost Cheers, C. -- C?dric Jeanneret | System Administrator 021 619 10 32 | Camptocamp SA cedric.jeanneret at camptocamp.com | PSE-A / EPFL www.camptocamp.com | www.github.com/camptocamp -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From jeffrpang at gmail.com Mon May 9 11:39:11 2011 From: jeffrpang at gmail.com (Jeff Pang) Date: Mon, 9 May 2011 15:39:11 +0800 Subject: server_name for https In-Reply-To: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> References: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> Message-ID: 2011/5/9 Cedric Jeanneret : > On Mon, 9 May 2011 14:18:09 +0800 > Jeff Pang wrote: > >> Hello, >> >> Since HTTPS doesn't support vhost, shall we have the need to put the >> server_name command in the server section? for example, >> >> ? ? ? ? ?server { >> ? ? ? ? ? ? ? ? listen ? ? ? 443; >> ? ? ? ? ? ? ? ? server_name ?xxx.example.com; >> ? ? ? ? ? ? ? ? .... >> ? ? ? ? ?} >> >> Thanks. >> >> > > o_O since when does HTTPS not support vhosts ? > > the only problem is when having multiple SSL vhosts on the same IP - the certificate has to cover all those vhosts. > > To answer your question, you shall provide: > server_name $_; > > it's the default vhost > OK That's right thanks. I have misunderstood the SSL Proxy maybe, now I got it. -- Jeff Pang www.DNSbed.com From Richard.Kearsley at m247.com Mon May 9 13:33:18 2011 From: Richard.Kearsley at m247.com (Richard Kearsley) Date: Mon, 9 May 2011 09:33:18 +0000 Subject: aio info In-Reply-To: <20110506130030.GE3100@sysoev.ru> References: <20110505071212.GA36559@sysoev.ru> <20110506105017.GD3100@sysoev.ru> <20110506130030.GE3100@sysoev.ru> Message-ID: Running nginx on freebsd 8.2 with 16 workers and aio on, when the server encounters heavy writes, all processes are in D state Aio queue is way below system/process limit A request for small file (said file will be in fs buffer/cache) every second varies wildly from 1ms to over 1s >From man ps: D Marks a process in disk (or other short term, uninter-ruptible) wait. What's causing the lock? Many thanks Richard From pascal.nitsche at fansubcode.org Mon May 9 13:48:55 2011 From: pascal.nitsche at fansubcode.org (Pascal Nitsche) Date: Mon, 09 May 2011 11:48:55 +0200 Subject: server_name for https In-Reply-To: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> References: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> Message-ID: <4DC7B887.7060507@fansubcode.org> Am 09.05.2011 09:06, schrieb Cedric Jeanneret: > On Mon, 9 May 2011 14:18:09 +0800 > Jeff Pang wrote: > >> Hello, >> >> Since HTTPS doesn't support vhost, shall we have the need to put the >> server_name command in the server section? for example, >> >> server { >> listen 443; >> server_name xxx.example.com; >> .... >> } >> >> Thanks. >> >> > o_O since when does HTTPS not support vhosts ? > > the only problem is when having multiple SSL vhosts on the same IP - the certificate has to cover all those vhosts. > > To answer your question, you shall provide: > server_name $_; > > it's the default vhost > > Cheers, > > C. Even this is not needed since nginx does support SNI. http://en.wikipedia.org/wiki/Server_Name_Indication Hope this helps a bit, Pascal From nginx-forum at nginx.us Mon May 9 14:52:28 2011 From: nginx-forum at nginx.us (davidkazuhiro) Date: Mon, 09 May 2011 06:52:28 -0400 Subject: Logs in wrong order Message-ID: When I hit the nginx server with a very rapid succession of requests from multiple clients, the logs will be out of order. For example, the log times would appear like this: ... 18:10:11 ... ... 18:10:11 ... ... 18:10:11 ... ... 18:10:12 ... ... 18:10:11 ... ... 18:10:12 ... ... 18:10:11 ... ... 18:10:12 ... ... 18:10:12 ... ... 18:10:12 ... Why would this be? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196690,196690#msg-196690 From mdounin at mdounin.ru Mon May 9 14:52:35 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 9 May 2011 14:52:35 +0400 Subject: nginx silently drops response body of POST depending on its length In-Reply-To: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> References: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110509105235.GE42265@mdounin.ru> Hello! On Sun, May 08, 2011 at 03:15:28PM -0400, zildjohn01 wrote: > I've come across an incredibly weird problem with POST responses using > nginx 1.0.1 and uWSGI 0.9.7.2 on CentOS 5.6. > > uWSGI successfully sends the response body to nginx, but nginx seems to > ignore it if both (1) the request method is POST, and (2) the response > length is less than 4052 bytes. The issue doesn't occur when serving > directly using `uwsgi --http`, so I'm pretty sure the problem is > something to do with nginx. > > To explain things in code, this Python results in the desired response: > > ....def app_uwsgi(environ, start_response): > ........start_response('200 OK', [('Content-type', 'text/html')]) > ........return [b'x' * 4052] > > while this results in zero bytes being sent to the client for POST > requests: > > ....def app_uwsgi(environ, start_response): > ........start_response('200 OK', [('Content-type', 'text/html')]) > ........return [b'x' * 4051] > > I stripped down to a minimal nginx.conf, and the issue still occurs: > > ....events { > ........worker_connections 1024; > ....} > > ....http { > ........upstream uwsgi_connect { > ............server 127.0.0.1:39275; > ........} > > ........server { > ............listen 20101; > ............server_name domain.net; > > ............location / { > ................uwsgi_pass uwsgi_connect; > ................include uwsgi_params; > ............} > ........} > ....} > > Does anyone have any clue what could be causing this behavior? As it was already said - you have to read body of POST before sending reply. Else you'll get something like ... readv() failed (54: Connection reset by peer) while reading upstream ... in nginx error log and possibly incorrect reply (depending on various factors, including sizes and event method used). Maxim Dounin From jeffrpang at gmail.com Mon May 9 14:58:12 2011 From: jeffrpang at gmail.com (Jeff Pang) Date: Mon, 9 May 2011 18:58:12 +0800 Subject: log rotate Message-ID: Hi, Does nginx support the feature of logrotate by log4j format? log4j is rotate the log files by each date and rename the old logs with log_name.YYYY-MM-DD. Thanks. -- Jeff Pang www.DNSbed.com From mdounin at mdounin.ru Mon May 9 15:08:15 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 9 May 2011 15:08:15 +0400 Subject: Logs in wrong order In-Reply-To: References: Message-ID: <20110509110815.GG42265@mdounin.ru> Hello! On Mon, May 09, 2011 at 06:52:28AM -0400, davidkazuhiro wrote: > When I hit the nginx server with a very rapid succession of requests > from multiple clients, the logs will be out of order. For example, the > log times would appear like this: > > ... 18:10:11 ... > ... 18:10:11 ... > ... 18:10:11 ... > ... 18:10:12 ... > ... 18:10:11 ... > ... 18:10:12 ... > ... 18:10:11 ... > ... 18:10:12 ... > ... 18:10:12 ... > ... 18:10:12 ... > > Why would this be? Time in different nginx worker processes may be slightly different as nginx only updates time once per event loop iteration (or even less frequently if timer_resolution set). This in turn results in out-of-order times in logs you see when requests from different workers are logged. Similar effect may be also seen when using log buffering (though in this case you'll see blocks with successive times up to log buffer size, not individual lines). Maxim Dounin From mdounin at mdounin.ru Mon May 9 15:11:24 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 9 May 2011 15:11:24 +0400 Subject: log rotate In-Reply-To: References: Message-ID: <20110509111124.GH42265@mdounin.ru> Hello! On Mon, May 09, 2011 at 06:58:12PM +0800, Jeff Pang wrote: > Hi, > > Does nginx support the feature of logrotate by log4j format? > log4j is rotate the log files by each date and rename the old logs > with log_name.YYYY-MM-DD. nginx doesn't do any log rotation by itself. You have to rename logs yourself (or with your favorite logrotate tool) and send USR1 signal to nginx to instruct it to reopen log files. Maxim Dounin From mdounin at mdounin.ru Mon May 9 15:21:49 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 9 May 2011 15:21:49 +0400 Subject: aio info In-Reply-To: References: <20110505071212.GA36559@sysoev.ru> <20110506105017.GD3100@sysoev.ru> <20110506130030.GE3100@sysoev.ru> Message-ID: <20110509112149.GI42265@mdounin.ru> Hello! On Mon, May 09, 2011 at 09:33:18AM +0000, Richard Kearsley wrote: > Running nginx on freebsd 8.2 with 16 workers and aio on, when the server encounters heavy writes, all processes are in D state > Aio queue is way below system/process limit > A request for small file (said file will be in fs buffer/cache) every second varies wildly from 1ms to over 1s > > >From man ps: > D Marks a process in disk (or other short term, uninter-ruptible) wait. > > What's causing the lock? You may want to look at WCHAN instead, it should contain more information. Please note that AIO interface only allows to do async reads, but open()/stat()/... are still blocking. This may be a problem if you've run out of vnodes (sysctl kern.maxvnodes) or there are other reasons NAMEI lookups can't be effectively cached by OS. Maxim Dounin From nginx-forum at nginx.us Mon May 9 16:13:39 2011 From: nginx-forum at nginx.us (davidkazuhiro) Date: Mon, 09 May 2011 08:13:39 -0400 Subject: Logs in wrong order In-Reply-To: <20110509110815.GG42265@mdounin.ru> References: <20110509110815.GG42265@mdounin.ru> Message-ID: <0aaee937b2ca97d2ea64d4786bdb7ac8.NginxMailingListEnglish@forum.nginx.org> Oh I see, tricky. How is an event loop defined? Is there a value definable in nginx.conf which can shorten the event loop? Or can I just increase timer resolution to a really high number to make the log times more accurate? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196690,196707#msg-196707 From lists at ruby-forum.com Mon May 9 18:17:25 2011 From: lists at ruby-forum.com (Maik Unger) Date: Mon, 09 May 2011 16:17:25 +0200 Subject: Expierence nGinx with Typo3 Caching Message-ID: <9eb8c174d8244c592e22be2170d99653@ruby-forum.com> Hello Everybody, Does anybody have expierence with nginx and typo3 caching? I have a very strange problem with the caching on of our customers sites. They made changes in typo3. On the first domain first.domain.de the changes will take their effect. When the customer will make another changes, then the nginx will show the old cache. What is here the problem? Maybe the proxy_cache_key? Best Regards, Maik -- Posted via http://www.ruby-forum.com/. From lists at ruby-forum.com Mon May 9 19:53:07 2011 From: lists at ruby-forum.com (John Travolota) Date: Mon, 09 May 2011 17:53:07 +0200 Subject: How to redirect non anonymous proxy traffic? Message-ID: <8078670c1a98c6521834d738a287afce@ruby-forum.com> I know it's something with HTTP_X_FORWARDED directive but not sure how to make it work. I need detection of it and then redirect to set URL. -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Mon May 9 20:19:52 2011 From: nginx-forum at nginx.us (zildjohn01) Date: Mon, 09 May 2011 12:19:52 -0400 Subject: nginx silently drops response body of POST depending on its length In-Reply-To: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> References: <221afc752b74444b2aa51a8b264f930c.NginxMailingListEnglish@forum.nginx.org> Message-ID: <6982d9bbdfc2231e83c84ca123ab028e.NginxMailingListEnglish@forum.nginx.org> Thanks, that helped point me to the issue. It turns out the problem was that I didn't pass --pep3333-input to uWSGI, so it was converting all CRLFs to LFs in the request body, so CONTENT_LENGTH didn't match the data length. Passing that flag to uWSGI made it pass the raw stream to my app and solved the problem. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196581,196761#msg-196761 From ionathan at gmail.com Mon May 9 20:42:41 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Mon, 9 May 2011 13:42:41 -0300 Subject: proxy_next_upstream and POSTs Message-ID: Hi! Nginx is great and the way it handles upstream and failed server as well! I would just like to avoid retrying request when they are POSTs, as POSTs are no idempotent and my backend can't handle duplicated POSTs right now. So I started to mess around with the code. What I have in mind is to create a module that will change the behavior of proxy_next_upstream by just checking that http method != POST. I believe it supposed to be really simple. So a couple of questions for those who are into nginx source code: 1. Is there any good article, blog post, etc, that explain how to create and test a module? 2. Any good advice on how I should do it? I was thinking on adding the validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), something like: if (r->method == NGX_HTTP_POST) { return NGX_DECLINED; } If this is OK, how could I do this from a module? So when someone compiles nginx with this module, he'll have this behavior instead of the standard one? Sorry if my questions are dumb. Jonathan -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon May 9 21:18:34 2011 From: nginx-forum at nginx.us (yellowbox9) Date: Mon, 09 May 2011 13:18:34 -0400 Subject: empty reply from server In-Reply-To: <4cd88446bdeea09b413fae442fa115e7.NginxMailingListEnglish@forum.nginx.org> References: <4cd88446bdeea09b413fae442fa115e7.NginxMailingListEnglish@forum.nginx.org> Message-ID: <8977fb6f50245565eaa9b33541fa9413.NginxMailingListEnglish@forum.nginx.org> Nothing is in the vhosts dir.... and I'm not doing anything like : error_page 404 =200 /error; location /error { return 444; } Not Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196075,196789#msg-196789 From ionathan at gmail.com Tue May 10 02:37:36 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Mon, 9 May 2011 19:37:36 -0300 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: I read some modules out there and could manage to write a custom module that will do the job. I have some doubts though. How can I call the original upstream module from my own upstream module? I don't want to replace it. I think the magic might go here: ngx_http_upstream_init__peer method. Is that right? Is there any example that I can use? Thanks! Jonathan On Mon, May 9, 2011 at 1:42 PM, Jonathan Leibiusky wrote: > Hi! > Nginx is great and the way it handles upstream and failed server as well! I > would just like to avoid retrying request when they are POSTs, as POSTs are > no idempotent and my backend can't handle duplicated POSTs right now. > So I started to mess around with the code. What I have in mind is to create > a module that will change the behavior of proxy_next_upstream by just > checking that http method != POST. > I believe it supposed to be really simple. > So a couple of questions for those who are into nginx source code: > 1. Is there any good article, blog post, etc, that explain how to create > and test a module? > 2. Any good advice on how I should do it? I was thinking on adding the > validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), > something like: > if (r->method == NGX_HTTP_POST) { > return NGX_DECLINED; > } > > If this is OK, how could I do this from a module? So when someone compiles > nginx with this module, he'll have this behavior instead of the standard > one? > > Sorry if my questions are dumb. > > Jonathan > -------------- next part -------------- An HTML attachment was scrubbed... URL: From member at linkedin.com Tue May 10 10:46:50 2011 From: member at linkedin.com (=?UTF-8?Q?=E5=AD=A6=E9=B9=8F_=E6=9D=8E_via_LinkedIn?=) Date: Tue, 10 May 2011 06:46:50 +0000 (UTC) Subject: Invitation to connect on LinkedIn Message-ID: <169429782.5059641.1305010010543.JavaMail.app@ela4-bed79.prod> LinkedIn ------------?? ? requested to add you as a connection on LinkedIn: ------------------------------------------ Evert, I'd like to add you to my professional network on LinkedIn. - ?? Accept invitation from ?? ? http://www.linkedin.com/e/-k9ugzs-gnih9kmm-66/vknzOax-I0d5XpARv228ODrxyY/blk/I2800928867_2/1BpC5vrmRLoRZcjkkZt5YCpnlOt3RApnhMpmdzgmhxrSNBszYOnPsSe3wOej0Me399bR1zkDwTkzBdbPwOd30MdPoQe38LrCBxbOYWrSlI/EML_comm_afe/ View invitation from ?? ? http://www.linkedin.com/e/-k9ugzs-gnih9kmm-66/vknzOax-I0d5XpARv228ODrxyY/blk/I2800928867_2/39vdPoUe38Vc30UcAALqnpPbOYWrSlI/svi/ ------------------------------------------ DID YOU KNOW your LinkedIn profile helps you control your public image when people search for you? Setting your profile as public means your LinkedIn profile will come up when people enter your name in leading search engines. Take control of your image! http://www.linkedin.com/e/-k9ugzs-gnih9kmm-66/ewp/inv-22/ -- (c) 2011, LinkedIn Corporation -------------- next part -------------- An HTML attachment was scrubbed... URL: From antoine.bonavita at gmail.com Tue May 10 11:22:27 2011 From: antoine.bonavita at gmail.com (Antoine Bonavita) Date: Tue, 10 May 2011 09:22:27 +0200 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: Hello, You might want to have a look at Evan's Miller section on proxying handlers: http://www.evanmiller.org/nginx-modules-guide.html#proxying This page is pretty much considered *the* reference for module development. Enjoy, Antoine. -- Low fare on trips to nginx land: visit http://www.nginx-discovery.com On Tue, May 10, 2011 at 12:37 AM, Jonathan Leibiusky wrote: > I read some modules out there and could manage to write a custom module that > will do the job. I have some doubts though. > How can I call the original upstream module from my own upstream module? I > don't want to replace it. > > I think the magic might go here: > ngx_http_upstream_init__peer method. Is that right? Is there > any example that I can use? > > Thanks! > > Jonathan > > On Mon, May 9, 2011 at 1:42 PM, Jonathan Leibiusky > wrote: >> >> Hi! >> Nginx is great and the way it handles upstream and failed server as well! >> I would just like to avoid retrying request when they are POSTs, as POSTs >> are no idempotent and my backend can't handle duplicated POSTs right now. >> So I started to mess around with the code. What I have in mind is to >> create a module that will change the behavior of proxy_next_upstream by just >> checking that http method != POST. >> I believe it supposed to be really simple. >> So a couple of questions for those who are into nginx source code: >> 1. Is there any good article, blog post, etc, that explain how to create >> and test a module? >> 2. Any good advice on how I should do it? I was thinking on adding the >> validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), >> something like: >> if (r->method == NGX_HTTP_POST) { >> ? return NGX_DECLINED; >> } >> >> If this is OK, how could I do this from a module? So when someone compiles >> nginx with this module, he'll have this behavior instead of the standard >> one? >> >> Sorry if my questions are dumb. >> >> Jonathan > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > > From grails at jmsd.co.uk Tue May 10 13:31:06 2011 From: grails at jmsd.co.uk (John Moore) Date: Tue, 10 May 2011 10:31:06 +0100 Subject: 2048 worker_connections are not enough while connecting to upstream Message-ID: <4DC905DA.7000200@jmsd.co.uk> I'm using nginx as a remote proxy server in front of some Tomcat instances, with pretty high traffic. Suddenly yesterday afternoon we started getting the error in the message subject, one I'd never seen before, and it's occurred tens of thousands of times since. Now, I've upped the worker_connections count to a much higher figure and the problem has gone away for now. But I'm concerned that it might be indicative of something else - some kind of DOS attack, maybe? What does this signify and why might we suddenly start getting it? Thanks. John From mdounin at mdounin.ru Tue May 10 14:19:22 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 May 2011 14:19:22 +0400 Subject: 2048 worker_connections are not enough while connecting to upstream In-Reply-To: <4DC905DA.7000200@jmsd.co.uk> References: <4DC905DA.7000200@jmsd.co.uk> Message-ID: <20110510101922.GJ42265@mdounin.ru> Hello! On Tue, May 10, 2011 at 10:31:06AM +0100, John Moore wrote: > I'm using nginx as a remote proxy server in front of some Tomcat > instances, with pretty high traffic. Suddenly yesterday afternoon we > started getting the error in the message subject, one I'd never seen > before, and it's occurred tens of thousands of times since. Now, > I've upped the worker_connections count to a much higher figure and > the problem has gone away for now. But I'm concerned that it might > be indicative of something else - some kind of DOS attack, maybe? > What does this signify and why might we suddenly start getting it? > Thanks. Without proper history graphs (use stub_status, Luke!) it's hard to say if you are under attack or just your normal load reached the bar (or your backend response time degraded and this resulted in more connections used, or your network uplink has problems and this caused more connections...). On the other hand, 2048 is pretty low, and easily reached even without keepalive. Usual production values for "high traffic" sites is over 9000. Please also note that using high worker_connections may also require tuning of your OS to allow appropriate number of file descriptors to be used. Maxim Dounin From grails at jmsd.co.uk Tue May 10 14:32:29 2011 From: grails at jmsd.co.uk (John Moore) Date: Tue, 10 May 2011 11:32:29 +0100 Subject: 2048 worker_connections are not enough while connecting to upstream In-Reply-To: <20110510101922.GJ42265@mdounin.ru> References: <4DC905DA.7000200@jmsd.co.uk> <20110510101922.GJ42265@mdounin.ru> Message-ID: <4DC9143D.3070903@jmsd.co.uk> On 10/05/11 11:19, Maxim Dounin wrote: > Hello! > > On Tue, May 10, 2011 at 10:31:06AM +0100, John Moore wrote: > > >> I'm using nginx as a remote proxy server in front of some Tomcat >> instances, with pretty high traffic. Suddenly yesterday afternoon we >> started getting the error in the message subject, one I'd never seen >> before, and it's occurred tens of thousands of times since. Now, >> I've upped the worker_connections count to a much higher figure and >> the problem has gone away for now. But I'm concerned that it might >> be indicative of something else - some kind of DOS attack, maybe? >> What does this signify and why might we suddenly start getting it? >> Thanks. >> > Without proper history graphs (use stub_status, Luke!) it's hard > to say if you are under attack or just your normal load reached > the bar (or your backend response time degraded and this resulted > in more connections used, or your network uplink has problems and > this caused more connections...). > I'll look into these. > On the other hand, 2048 is pretty low, and easily reached even > without keepalive. Usual production values for "high traffic" > sites is over 9000. > OK, I may bump it up a bit higher than the 8192 I set it as today. > Please also note that using high worker_connections may also > require tuning of your OS to allow appropriate number of file > descriptors to be used. > I made this change a while back, so we should be OK with that. Thanks for your extremely lucid help! John From igor at sysoev.ru Tue May 10 16:29:51 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Tue, 10 May 2011 16:29:51 +0400 Subject: nginx-1.0.2 Message-ID: <20110510122951.GE90700@sysoev.ru> Changes with nginx 1.0.2 10 May 2011 *) Feature: now shared zones and caches use POSIX semaphores. *) Bugfix: in the "rotate" parameter of the "image_filter" directive. Thanks to Adam Bocim. *) Bugfix: nginx could not be built on Solaris; the bug had appeared in 1.0.1. -- Igor Sysoev From ionathan at gmail.com Tue May 10 18:09:45 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Tue, 10 May 2011 11:09:45 -0300 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: Thanks! That guide was really useful. I almost have it done. What is missing there is how to test and maybe something even more generic. Once I finish my module I will try to write an even more basic guide to help people :) Jonathan On 5/10/11, Antoine Bonavita wrote: > Hello, > > You might want to have a look at Evan's Miller section on proxying > handlers: http://www.evanmiller.org/nginx-modules-guide.html#proxying > This page is pretty much considered *the* reference for module development. > > Enjoy, > > Antoine. > -- > Low fare on trips to nginx land: visit http://www.nginx-discovery.com > > On Tue, May 10, 2011 at 12:37 AM, Jonathan Leibiusky > wrote: >> I read some modules out there and could manage to write a custom module >> that >> will do the job. I have some doubts though. >> How can I call the original upstream module from my own upstream module? I >> don't want to replace it. >> >> I think the magic might go here: >> ngx_http_upstream_init__peer method. Is that right? Is there >> any example that I can use? >> >> Thanks! >> >> Jonathan >> >> On Mon, May 9, 2011 at 1:42 PM, Jonathan Leibiusky >> wrote: >>> >>> Hi! >>> Nginx is great and the way it handles upstream and failed server as well! >>> I would just like to avoid retrying request when they are POSTs, as POSTs >>> are no idempotent and my backend can't handle duplicated POSTs right now. >>> So I started to mess around with the code. What I have in mind is to >>> create a module that will change the behavior of proxy_next_upstream by >>> just >>> checking that http method != POST. >>> I believe it supposed to be really simple. >>> So a couple of questions for those who are into nginx source code: >>> 1. Is there any good article, blog post, etc, that explain how to create >>> and test a module? >>> 2. Any good advice on how I should do it? I was thinking on adding the >>> validation somewhere in ngx_http_upstream_test_next >>> (ngx_http_upstream.c), >>> something like: >>> if (r->method == NGX_HTTP_POST) { >>> ? return NGX_DECLINED; >>> } >>> >>> If this is OK, how could I do this from a module? So when someone >>> compiles >>> nginx with this module, he'll have this behavior instead of the standard >>> one? >>> >>> Sorry if my questions are dumb. >>> >>> Jonathan >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://nginx.org/mailman/listinfo/nginx >> >> > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > From piotr.sikora at frickle.com Tue May 10 18:32:08 2011 From: piotr.sikora at frickle.com (Piotr Sikora) Date: Tue, 10 May 2011 16:32:08 +0200 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: Hi, > 2. Any good advice on how I should do it? I was thinking on adding the > validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), > something like: > if (r->method == NGX_HTTP_POST) { > return NGX_DECLINED; > } Keep in mind that you should decline sending request to another backend, only if you already sent it upstream. There is a bunch of errors (bad gateway, connection timeout, etc) which could lead to the code path in question, for which you should still send request to another backend. Best regards, Piotr Sikora < piotr.sikora at frickle.com > From ionathan at gmail.com Tue May 10 18:48:28 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Tue, 10 May 2011 11:48:28 -0300 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: Right, that is why after digging for a while I realized I wan't doing it the right way. Now I wrote a module that will hook into the upstream logic and will set all the callbacks to the round-robin callbacks. Only the the peer.free callback will call the original round-robin callback and after that will do something like: if (r->method == NGX_HTTP_POST) { pc->retries = 0; } by setting retires = 0 I think nginx won't retry and will fail and I will be using round-robin logic for all the rest. My only problem is that in the peer.free callback I don't have access to the request struct, so I don't know is the request's method. So now I am not sure if the approach is the right one. Any thoughts on this? On Tue, May 10, 2011 at 11:32 AM, Piotr Sikora wrote: > Hi, > > > 2. Any good advice on how I should do it? I was thinking on adding the >> validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), >> something like: >> if (r->method == NGX_HTTP_POST) { >> return NGX_DECLINED; >> } >> > > Keep in mind that you should decline sending request to another backend, > only if you already sent it upstream. There is a bunch of errors (bad > gateway, connection timeout, etc) which could lead to the code path in > question, for which you should still send request to another backend. > > Best regards, > Piotr Sikora < piotr.sikora at frickle.com > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ionathan at gmail.com Tue May 10 23:30:30 2011 From: ionathan at gmail.com (Jonathan Leibiusky) Date: Tue, 10 May 2011 16:30:30 -0300 Subject: proxy_next_upstream and POSTs In-Reply-To: References: Message-ID: Ok. Finally I could work it out, so thanks anyway! Here is my small contribution to nginx, it is not much, but it is something. https://github.com/xetorthio/nginx-upstream-idempotent Thanks everyone for your help, and if you have time and find something weired in the code, let me know! Jonathan On Tue, May 10, 2011 at 11:48 AM, Jonathan Leibiusky wrote: > Right, that is why after digging for a while I realized I wan't doing it > the right way. > Now I wrote a module that will hook into the upstream logic and will set > all the callbacks to the round-robin callbacks. Only the the peer.free > callback will call the original round-robin callback and after that will do > something like: > > > if (r->method == NGX_HTTP_POST) { > pc->retries = 0; > } > > by setting retires = 0 I think nginx won't retry and will fail and I will > be using round-robin logic for all the rest. > > My only problem is that in the peer.free callback I don't have access to > the request struct, so I don't know is the request's method. So now I am not > sure if the approach is the right one. > > Any thoughts on this? > > > On Tue, May 10, 2011 at 11:32 AM, Piotr Sikora wrote: > >> Hi, >> >> >> 2. Any good advice on how I should do it? I was thinking on adding the >>> validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), >>> something like: >>> if (r->method == NGX_HTTP_POST) { >>> return NGX_DECLINED; >>> } >>> >> >> Keep in mind that you should decline sending request to another backend, >> only if you already sent it upstream. There is a bunch of errors (bad >> gateway, connection timeout, etc) which could lead to the code path in >> question, for which you should still send request to another backend. >> >> Best regards, >> Piotr Sikora < piotr.sikora at frickle.com > >> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://nginx.org/mailman/listinfo/nginx >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Wed May 11 01:59:41 2011 From: nginx-forum at nginx.us (jeanjan) Date: Tue, 10 May 2011 17:59:41 -0400 Subject: cgi files in plain text Message-ID: <875369c24424bd6f71a4658c85bce47b.NginxMailingListEnglish@forum.nginx.org> Hi, I installed nginx and php5-fpm from repositories on ubuntu 10.04. everything works well. The phpinfo test file works. I try to access collection (for collectd) pages. When I access the url of the collection3/bin/index.cgi, I can see the file in plain text. This is the config file used : server { listen 80; server_name toto.com; access_log /var/log/nginx/localhost.access.log; ## Default location location / { root /var/www; index index.php; try_files $uri $uri/ /index.php?q=$uri&$args; auth_basic "Restricted"; auth_basic_user_file /var/htpasswd_au1; } # Protection #location = /var/www { # auth_basic "Restricted"; # auth_basic_user_file /var/htpasswd_au1; #} ## try_files $uri $uri/ /index.php?q=$uri; ## Images and static content is treated different location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ { access_log off; expires 30d; root /var/www; } ## Parse all .php file in the /var/www directory location ~ .php$ { fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; include fastcgi_params; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } ## Disable viewing .htaccess & .htpassword location ~ /\.ht { deny all; } } upstream backend { server 127.0.0.1:9000; } Thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,197100,197100#msg-197100 From nginx-forum at nginx.us Wed May 11 03:07:36 2011 From: nginx-forum at nginx.us (brianmercer) Date: Tue, 10 May 2011 19:07:36 -0400 Subject: cgi files in plain text In-Reply-To: <875369c24424bd6f71a4658c85bce47b.NginxMailingListEnglish@forum.nginx.org> References: <875369c24424bd6f71a4658c85bce47b.NginxMailingListEnglish@forum.nginx.org> Message-ID: jeanjan Wrote: ------------------------------------------------------- > Hi, > > I installed nginx and php5-fpm from repositories > on ubuntu 10.04. > everything works well. The phpinfo test file > works. > > I try to access collection (for collectd) pages. > When I access the url of the > collection3/bin/index.cgi, I can see the file in > plain text. > > This is the config file used : > server { > listen 80; > server_name toto.com; > access_log > /var/log/nginx/localhost.access.log; > > ## Default location > location / { > root /var/www; > index index.php; > try_files $uri $uri/ /index.php?q=$uri&$args; > auth_basic "Restricted"; > auth_basic_user_file /var/htpasswd_au1; > > } > > # Protection > #location = /var/www { > # auth_basic "Restricted"; > # auth_basic_user_file /var/htpasswd_au1; > #} > > ## try_files $uri $uri/ /index.php?q=$uri; > ## Images and static content is treated different > location ~* > ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ { > access_log off; > expires 30d; > root /var/www; > } > > > > ## Parse all .php file in the /var/www directory > location ~ .php$ { > fastcgi_split_path_info ^(.+\.php)(.*)$; > fastcgi_pass 127.0.0.1:9000; > fastcgi_index index.php; > fastcgi_param SCRIPT_FILENAME > /var/www$fastcgi_script_name; > include fastcgi_params; > fastcgi_param QUERY_STRING > $query_string; > fastcgi_param REQUEST_METHOD > $request_method; > fastcgi_param CONTENT_TYPE > $content_type; > fastcgi_param CONTENT_LENGTH > $content_length; > fastcgi_intercept_errors on; > fastcgi_ignore_client_abort off; > fastcgi_connect_timeout 60; > fastcgi_send_timeout 180; > fastcgi_read_timeout 180; > fastcgi_buffer_size 128k; > fastcgi_buffers 4 256k; > fastcgi_busy_buffers_size 256k; > fastcgi_temp_file_write_size 256k; > } > > ## Disable viewing .htaccess & .htpassword > location ~ /\.ht { > deny all; > } > } > upstream backend { > server 127.0.0.1:9000; > } > > Thanks You can either use a php-based web interface for collectd like php-collection or Collectd Graph Panel or if you need the ability to serve .cgi and .pl files (like for awstats) you'll have to install another backend daemon. You can use a light web server or I'd recommend fcgiwrap. A couple ppas have Lucid backports of the Ubuntu fcgiwrap package, (e.g. https://launchpad.net/~wwu-numerik/+archive/lucid). Posted at Nginx Forum: http://forum.nginx.org/read.php?2,197100,197123#msg-197123 From antoine.bonavita at gmail.com Wed May 11 12:03:10 2011 From: antoine.bonavita at gmail.com (Antoine Bonavita) Date: Wed, 11 May 2011 10:03:10 +0200 Subject: proxy_next_upstream and POSTs In-Reply-To: References:

Message-ID: Glad to hear you made it. As far as testing goes, you might find interesting (or just fun) to read my own experiences with the subject: - http://www.nginx-discovery.com/2011/02/day-29-nginx-development-tool-chain.html - http://www.nginx-discovery.com/2011/03/day-32-moving-to-testnginx.html - http://www.nginx-discovery.com/2011/03/day-33-testnginx-pipelinedrequests.html - http://www.nginx-discovery.com/2011/03/day-40-testnginx-new-features.html As far as documentation of Test::Nginx goes, you might find the devel tree (https://github.com/agentzh/test-nginx/tree/devel) which includes my commits a bit more verbose than the "master" branch. Enjoy testing. A. -- Round-trip fares to nginx land as low as $0: visit http://www.nginx-discovery.com On Tue, May 10, 2011 at 9:30 PM, Jonathan Leibiusky wrote: > Ok. Finally I could work it out, so thanks anyway! > > Here is my small contribution to nginx, it is not much, but it is something. > > https://github.com/xetorthio/nginx-upstream-idempotent > > Thanks everyone for your help, and if you have time and find something > weired in the code, let me know! > > Jonathan > > On Tue, May 10, 2011 at 11:48 AM, Jonathan Leibiusky > wrote: >> >> Right, that is why after digging for a while I realized I wan't doing it >> the right way. >> Now I wrote a module that will hook into the upstream logic and will set >> all the callbacks to the round-robin callbacks. Only the the peer.free >> callback will call the original round-robin callback and after that will do >> something like: >> >> if (r->method == NGX_HTTP_POST) { >> ? pc->retries = 0; >> } >> >> by setting retires = 0 I think nginx won't retry and will fail and I will >> be using round-robin logic for all the rest. >> >> My only problem is that in the peer.free callback I don't have access to >> the request struct, so I don't know is the request's method. So now I am not >> sure if the approach is the right one. >> >> Any thoughts on this? >> >> On Tue, May 10, 2011 at 11:32 AM, Piotr Sikora >> wrote: >>> >>> Hi, >>> >>>> 2. Any good advice on how I should do it? I was thinking on adding the >>>> validation somewhere in ngx_http_upstream_test_next (ngx_http_upstream.c), >>>> something like: >>>> if (r->method == NGX_HTTP_POST) { >>>> ?return NGX_DECLINED; >>>> } >>> >>> Keep in mind that you should decline sending request to another backend, >>> only if you already sent it upstream. There is a bunch of errors (bad >>> gateway, connection timeout, etc) which could lead to the code path in >>> question, for which you should still send request to another backend. >>> >>> Best regards, >>> Piotr Sikora < piotr.sikora at frickle.com > >>> >>> >>> _______________________________________________ >>> nginx mailing list >>> nginx at nginx.org >>> http://nginx.org/mailman/listinfo/nginx >> > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://nginx.org/mailman/listinfo/nginx > > From igor at sysoev.ru Wed May 11 14:06:16 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 11 May 2011 14:06:16 +0400 Subject: server_name for https In-Reply-To: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> References: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> Message-ID: <20110511100615.GB45105@sysoev.ru> On Mon, May 09, 2011 at 09:06:27AM +0200, Cedric Jeanneret wrote: > On Mon, 9 May 2011 14:18:09 +0800 > Jeff Pang wrote: > > > Hello, > > > > Since HTTPS doesn't support vhost, shall we have the need to put the > > server_name command in the server section? for example, > > > > server { > > listen 443; > > server_name xxx.example.com; > > .... > > } > > > > Thanks. > > > > > > o_O since when does HTTPS not support vhosts ? > > the only problem is when having multiple SSL vhosts on the same IP - the certificate has to cover all those vhosts. > > To answer your question, you shall provide: > server_name $_; > > it's the default vhost This is not default virtual host. Please read this: http://nginx.org/en/docs/http/server_names.html#miscellaneous_names -- Igor Sysoev From igor at sysoev.ru Wed May 11 14:07:20 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 11 May 2011 14:07:20 +0400 Subject: server_name for https In-Reply-To: References: Message-ID: <20110511100720.GC45105@sysoev.ru> On Mon, May 09, 2011 at 02:18:09PM +0800, Jeff Pang wrote: > Hello, > > Since HTTPS doesn't support vhost, shall we have the need to put the > server_name command in the server section? for example, > > server { > listen 443; > server_name xxx.example.com; > .... > } > > Thanks. server should always have a name. Or it will be "" by default. -- Igor Sysoev From cjeanneret at internux.ch Wed May 11 14:13:23 2011 From: cjeanneret at internux.ch (Cedric Jeanneret) Date: Wed, 11 May 2011 12:13:23 +0200 Subject: server_name for https In-Reply-To: <20110511100615.GB45105@sysoev.ru> References: <20110509090627.68905d0d@cholatse.wrk.lsn.camptocamp.com> <20110511100615.GB45105@sysoev.ru> Message-ID: <20110511121323.60180dc7@cholatse.wrk.lsn.camptocamp.com> On Wed, 11 May 2011 14:06:16 +0400 Igor Sysoev wrote: > On Mon, May 09, 2011 at 09:06:27AM +0200, Cedric Jeanneret wrote: > > On Mon, 9 May 2011 14:18:09 +0800 > > Jeff Pang wrote: > > > > > Hello, > > > > > > Since HTTPS doesn't support vhost, shall we have the need to put the > > > server_name command in the server section? for example, > > > > > > server { > > > listen 443; > > > server_name xxx.example.com; > > > .... > > > } > > > > > > Thanks. > > > > > > > > > > o_O since when does HTTPS not support vhosts ? > > > > the only problem is when having multiple SSL vhosts on the same IP - the certificate has to cover all those vhosts. > > > > To answer your question, you shall provide: > > server_name $_; > > > > it's the default vhost > > This is not default virtual host. Please read this: > http://nginx.org/en/docs/http/server_names.html#miscellaneous_names > > Woops, indeed - sorry :/ (never used this syntax in my installation... ) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From nginx-forum at nginx.us Wed May 11 14:27:38 2011 From: nginx-forum at nginx.us (zls) Date: Wed, 11 May 2011 06:27:38 -0400 Subject: nginx-1.0.2 In-Reply-To: <20110510122951.GE90700@sysoev.ru> References: <20110510122951.GE90700@sysoev.ru> Message-ID: <25b6ac0454130aaa48b9dbc133ad36a2.NginxMailingListEnglish@forum.nginx.org> feature not enabled on redhat by default because of no -pthread on testing? checking for POSIX semaphores /tmp/cc2q2SHU.o: In function `main': /search/zls/nginx/server_traffic/nginx-1.0.2.zls/objs/autotest.c:8: undefined reference to `sem_init' /search/zls/nginx/server_traffic/nginx-1.0.2.zls/objs/autotest.c:9: undefined reference to `sem_destroy' collect2: ld return 1 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,196951,197225#msg-197225 From igor at sysoev.ru Wed May 11 14:30:48 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Wed, 11 May 2011 14:30:48 +0400 Subject: nginx-1.0.2 In-Reply-To: <25b6ac0454130aaa48b9dbc133ad36a2.NginxMailingListEnglish@forum.nginx.org> References: <20110510122951.GE90700@sysoev.ru> <25b6ac0454130aaa48b9dbc133ad36a2.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110511103048.GG45105@sysoev.ru> On Wed, May 11, 2011 at 06:27:38AM -0400, zls wrote: > feature not enabled on redhat by default because of no -pthread on > testing? Yes, POSIX semaphores on Linux requires linking with libpthread. > checking for POSIX semaphores > > /tmp/cc2q2SHU.o: In function `main': > /search/zls/nginx/server_traffic/nginx-1.0.2.zls/objs/autotest.c:8: > undefined reference to `sem_init' > /search/zls/nginx/server_traffic/nginx-1.0.2.zls/objs/autotest.c:9: > undefined reference to `sem_destroy' > collect2: ld return 1 -- Igor Sysoev From nginx-forum at nginx.us Wed May 11 16:23:53 2011 From: nginx-forum at nginx.us (tuffclassified) Date: Wed, 11 May 2011 08:23:53 -0400 Subject: redirecting url from old to new Message-ID: Any body will help me to redirect my old wordpress post http://tuffclassified.com/xyz/ to new custom post http://tuffclassified.com/ads/xyz/ . It was easy in apache as i have to add just # END WordPress RewriteRule ^/(.*)$ http://tuffclassified.com/ads/$1 [R=301,L] Posted at Nginx Forum: http://forum.nginx.org/read.php?2,197247,197247#msg-197247 From edhoprima at gmail.com Wed May 11 16:30:43 2011 From: edhoprima at gmail.com (Edho P Arief) Date: Wed, 11 May 2011 19:30:43 +0700 Subject: redirecting url from old to new In-Reply-To: References: Message-ID: On Wed, May 11, 2011 at 7:23 PM, tuffclassified wrote: > Any body will help me to redirect my old ?wordpress post > http://tuffclassified.com/xyz/ to new custom post > http://tuffclassified.com/ads/xyz/ ?. It was easy in apache as i have to > add just > > # END WordPress > RewriteRule ^/(.*)$ http://tuffclassified.com/ads/$1 [R=301,L] > location /xyz/ { rewrite ^ /ads/$uri permanent; ... } From mp3geek at gmail.com Thu May 12 06:13:03 2011 From: mp3geek at gmail.com (Ryan B) Date: Thu, 12 May 2011 14:13:03 +1200 Subject: rewrite n00b Message-ID: Hi, Just wanting to enabled a rewrite of the following url, Redirecting all requests from http://www.domain.com/site/forums and http://www.domain.com/forums to http://forums.domain.com Thanks :) From igor at sysoev.ru Thu May 12 09:20:53 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 12 May 2011 09:20:53 +0400 Subject: rewrite n00b In-Reply-To: References: Message-ID: <20110512052052.GC99505@sysoev.ru> On Thu, May 12, 2011 at 02:13:03PM +1200, Ryan B wrote: > Hi, > Just wanting to enabled a rewrite of the following url, > > Redirecting all requests from http://www.domain.com/site/forums and > http://www.domain.com/forums to http://forums.domain.com server { server_name www.domain.com; location /forums { rewrite ^/forums(.*)$ http://forums.domain.com$1; } location /site/forums { rewrite ^/site/forums(.*)$ http://forums.domain.com$1; } ... -- Igor Sysoev From agentzh at gmail.com Thu May 12 14:30:52 2011 From: agentzh at gmail.com (agentzh) Date: Thu, 12 May 2011 18:30:52 +0800 Subject: proxy_next_upstream and POSTs In-Reply-To: References:

Message-ID: On Wed, May 11, 2011 at 4:03 PM, Antoine Bonavita wrote: > As far as documentation of Test::Nginx goes, you might find the devel > tree (https://github.com/agentzh/test-nginx/tree/devel) which includes > my commits a bit more verbose than the "master" branch. > I've just merged test-nginx's devel branch back to its master after massive regression testing on my side. And I'll do a new CPAN release of Test::Nginx tomorrow or so :) Happy hacking! -agentzh From agentzh at gmail.com Thu May 12 14:35:28 2011 From: agentzh at gmail.com (agentzh) Date: Thu, 12 May 2011 18:35:28 +0800 Subject: proxy_next_upstream and POSTs In-Reply-To: References:

Message-ID: On Wed, May 11, 2011 at 4:03 PM, Antoine Bonavita wrote: > As far as documentation of Test::Nginx goes, you might find the devel > tree (https://github.com/agentzh/test-nginx/tree/devel) which includes > my commits a bit more verbose than the "master" branch. > I've just merged test-nginx's devel branch back to its master after massive regression testing on my side. And I'll do a new CPAN release of Test::Nginx tomorrow or so :) Happy hacking! -agentzh From ash2kk at gmail.com Thu May 12 15:34:09 2011 From: ash2kk at gmail.com (Mikhail Mazursky) Date: Thu, 12 May 2011 17:34:09 +0600 Subject: redirecting url from old to new In-Reply-To: