Nginx proxy cache/temp folders empty when located inside /tmp on CentOS 7

Andrew Hutchings ahutchings at nginx.com
Wed Apr 6 07:32:30 UTC 2016


Hi,

This gives a good explanation of what you are observing:

https://securityblog.redhat.com/2014/04/09/new-red-hat-enterprise-linux-7-security-feature-privatetmp/

Kind Regards
Andrew

On 06/04/16 05:39, fevangelou wrote:
> (First post in the Nginx forum, so please bear with me if it seems slightly
> long...)
>
> I'm the maker of Engintron, a popular cPanel plugin which integrates Nginx
> as a reverse caching proxy in front of Apache. The project started in Dec
> 2014, it is open source & free and you can check out the code here,
> including Nginx configuration files: https://github.com/engintron/engintron
>
> In Feb 2016 I rewrote the plugin from scratch using a more efficient
> universal proxy configuration in Nginx, for any domain hosted on a cPanel
> server. The benefit is that you install Engintron on your cPanel server and
> it just works, with zero maintenance and no vhost sync'ing between Nginx &
> Apache like similar plugins for cPanel.
>
> I am defining 2 proxy cache zones/pools plus a proxy temp location in
> /etc/nginx/nginx.conf like this:
>
> 	proxy_cache_path /tmp/engintron_dynamic levels=1:2
> keys_zone=engintron_dynamic:20m inactive=10m max_size=500m;
> 	proxy_cache_path /tmp/engintron_static levels=1:2
> keys_zone=engintron_static:20m inactive=10m max_size=500m;
> 	proxy_temp_path /tmp/engintron_temp;
>
> Nginx does 1 min caching for static assets like CSS, JS, images etc. and 1
> sec micro-caching for dynamic/HTML content. The latter is used so that it
> doesn't break sites with user-generated content such as forums, e-commerce
> sites etc.
>
> In CentOS versions 5 & 6, the folders referenced above will start filling up
> when Nginx is installed via Engintron, as Nginx caching kicks in.
> In CentOS 7 however - and this has been verified in multiple cPanel
> installations on my end, as well as other Engintron users via the project's
> Issues section on GitHub- the above folders are just empty.
>
> However caching DOES work in CentOS 7, at least according to the headers
> sent by Nginx as well as by checking a static file if it gets cached.
>
> For example if I modify this CSS file
> http://www.benetomaretti.com/templates/vp_merchant/css/template.css I won't
> see any changes until a minute has passed (1 min static cache). So the file
> does indeed get cached by Nginx, but the cache entry does not appear in the
> proxy cache/temp folders. These folders show up as empty with a simple du
> command.
>
> And if you check the same file via curl, you get something like this:
>
> $ curl -I
> http://www.benetomaretti.com/templates/vp_merchant/css/template.css
> 	HTTP/1.1 200 OK
> 	Server: nginx
> 	Date: Wed, 06 Apr 2016 04:27:52 GMT
> 	Content-Type: text/css
> 	Content-Length: 45237
> 	Connection: keep-alive
> 	Vary: Accept-Encoding
> 	Last-Modified: Wed, 06 Apr 2016 04:25:52 GMT
> 	ETag: "45a86635-b0b5-52fc95b6d4120"
> 	Expires: Fri, 06 May 2016 04:27:52 GMT
> 	Cache-Control: max-age=2592000
> 	X-Cache-Status: HIT
> 	X-Server-Powered-By: Engintron
> 	Pragma: public
> 	Cache-Control: public
> 	Vary: Accept-Encoding
> 	Accept-Ranges: bytes
>
> I'm really out of ideas why on earth there's this behaviour with CentOS 7
> specifically.
>
> Any pointers would be appreciated.
>
> For the record, the (re-written) release of Engintron in Feb 2016 already
> has more than 1300 server deployments in 72 countries worldwide.
>
> It's in my plans to also get anonymous system metrics at some point in the
> near future, so I know which CentOS version is used (along with other data
> such Apache version, MySQL version etc.). In the meantime I can't know what
> percentage uses CentOS 7, but judging from the fact that new cPanel
> deployments usually get setup on CentOS 7, I'm assuming the percentage may
> be high overall.
>
> Thanks in advance for any help or guidance.
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,265943,265943#msg-265943
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>

-- 
Andrew Hutchings (LinuxJedi)
Technical Product Manager, NGINX Inc.



More information about the nginx mailing list