Hello,
Attaching POC patch for https://trac.nginx.org/nginx/ticket/1234.
At very least, ngx_http_proxy_set_ssl() needs to be converted into ngx_http_proxy_create_ssl(). But there are also a couple of things to discuss:
1. Patch uses pretty straightforward reuse criteria (absence of directives), but shall we go further, say, compare directive arguments (with special treatment of complex values with variables)?
2. Since similar change also makes sense for "grpc", "uwsgi" (and may be "stream proxy") modules, perhaps it's time to factor out SSL upstream settings code for all these modules to avoid copypasting of above patch? We can introduce something like "ngx_ssl_upstream_conf_t" to keep shared SSL settings and unite ngx_http_(proxy|grpc|uwsgi)_set_ssl functions. Config merge logic (together with attached patch) can be moved to something like ngx_ssl_upstream_conf_merge. Optionally, ngx_http_upstream_conf_t can be updated to contain ngx_ssl_upstream_conf_t.
Thanks,
Pavel
We use nginx as the cluster ingress provider, and hit the case when:
1. enabled proxy_cache, and the specific cache is expired
2. nginx is reloading config
then for incoming request, the backend servers can still receive the request and send back response to nginx, while client will receive "curl: (52) Empty reply from server".
It seems nginx reload may cause the connection break?
attached debug log below:
Hello, guys,
Recently I have been working on an nginx c module, which have to
leverage on init_process routine.The logic is based on instruction
command which may be configured inside stream.server, I have to do some
work in the init_process routine, for example, to schedule a timer.
I did google a while ,and decide to using code snippet like below:
============================
ngx_stream_conf_ctx_t conf_ctx = (ngx_stream_conf_ctx_t
*)ngx_get_conf(cycle->conf_ctx, ngx_stream_module);
"module_spec_conf = conf_ctx->srv_conf["my_module".ctx_index];
=============================
However, the module_spec_conf I got is the top_level ,that is created
when nginx parse the stream section, not the one created when nginx
parse the stream.server section, the later has the proper values.
Currently to got the later structure, I have to copy the configure value
back from child to parent in configuration merger function, which is
inconvenient and buggy when the stream includes multi servers.
So I wonder what's the proper way to get module specific configuration
in the routine: init_process
Thanks
Lei
- patch #1 adds support for reusable and idle modes for the main QUIC
conneciton. They allow to close QUIC connections that have no active
request streams when connections are needed for a new client or when nginx
worker is shutting down.
- patch #2 allows to switch main QUIC connection to reusable and idle modes
after handshake and util streams are created. A new callback init_streams()
is added for this.