Nginx waiting connections growing

Bruno Prémont bruno.premont at restena.lu
Thu Sep 17 06:17:31 UTC 2015


Hello Maxim,

On Wed, 16 Sep 2015 18:20:56 +0300 Maxim Dounin wrote:
> On Wed, Sep 16, 2015 at 03:33:13PM +0200, Bruno Prémont wrote:
> 
> > Seeing the same issue here, running nginx-1.8 (compiled for i586,
> > against openssl-1.0.1p).
> > 
> > Some workers do complain shortly after the daily SIGHUP to reload
> > configuration and rotate logs:
> > 2015/09/02 10:07:14 [notice] 18162#0: exiting
> > 2015/09/02 10:07:14 [alert] 18162#0: *1471655 open socket #147 left in connection 40
> > 2015/09/02 10:07:14 [alert] 18162#0: *1485419 open socket #224 left in connection 44
> > 2015/09/02 10:07:14 [alert] 18162#0: *1548715 open socket #212 left in connection 84
> > 2015/09/02 10:07:14 [alert] 18162#0: *1685585 open socket #61 left in connection 164
> > 2015/09/02 10:07:14 [alert] 18162#0: *1462853 open socket #290 left in connection 202
> > 2015/09/02 10:07:14 [alert] 18162#0: *1687835 open socket #76 left in connection 231
> > 2015/09/02 10:07:14 [alert] 18162#0: *1684533 open socket #62 left in connection 237
> > 2015/09/02 10:07:14 [alert] 18162#0: *1647090 open socket #32 left in connection 255
> > 2015/09/02 10:07:14 [alert] 18162#0: *1598817 open socket #209 left in connection 281
> > 2015/09/02 10:07:14 [alert] 18162#0: *1686652 open socket #166 left in connection 283
> > 2015/09/02 10:07:14 [alert] 18162#0: aborting
> > 
> > Of the two nginx frontend servers, only the one with mostly SSL
> > traffic is visibly affected (same binary on both servers).
> 
> This is likely a different issue, as open sockets are expected to 
> be seen as open file descriptors.
> 
> If you are using SPDY, please try without it, see these tickets 
> for similar reports:
> 
> https://trac.nginx.org/nginx/ticket/626
> https://trac.nginx.org/nginx/ticket/714
> 
> If not, you may want to consider obtaining more information.  The 
> http://wiki.nginx.org/Debugging contains some hints about 
> debugging socket leaks as well.
> 
> > I've not seen the issue with 1.7.x releases of nginx (only external
> > module in use is headers_more).
> 
> I wouldn't suppose it's safe, either.  In the past it caused 
> segmentation faults at least once.

SPDY is active on all SSL listen directives so it probably is the same
issue as reported in those tickets.
Just surprising that I've not seen it with previous 1.7.x or earlier
releases of nginx.

Will have a look at disabled SPDY in the coming days.
Bruno



More information about the nginx mailing list