Hi,
We are getting a lot of connection time outs and connection resets while
using tengine as an ssl proxy for civetweb.
This is our tengine configuration:
server
{
listen 443 default ssl;
access_log /tmp/nginx_reverse_access.log;
error_log /tmp/nginx_reverse_error.log;
root /usr/local/nginx/html;
index index.html;
client_max_body_size 10G;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_certificate /etc/ss/ssl.crt;
ssl_certificate_key /etc/ssl/ssl.key;
ssl_verify_client off;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /
{
proxy_pass http://10.25.100.2;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
And this is our civetweb/rados command
radosgw -c /etc/ceph/ceph.conf -n client.radosgw.ceph-obj2
--rgw-frontends civetweb port=80
Copy of logs
2015/01/18 08:30:16 [error] 11945#0: *8940439 recv() failed (104:
Connection reset by peer) while reading response header from upstream,
client: 10.12.130.10, server: , request: "GET
//user.backup?delimiter=/&prefix=Folder_11.10.2014_22.11/CV_MAGNETIC/V_220688/CHUNK_4805413/SFILE_CONTAINER_006.FOLDER/
HTTP/1.1", upstream:
"http://10.25.100.2:80//user.backup?delimiter=/&prefix=Folder_11.10.2014_22.11/CV_MAGNETIC/V_220688/CHUNK_4805413/SFILE_CONTAINER_006.FOLDER/";,
host: "10.25.100.250"
2015/01/18 08:30:18 [error] 11945#0: *8940449 recv() failed (104:
Connection reset by peer) while reading response header from upstream,
client: 10.12.130.10, server: , request: "GET
//user.backup?delimiter=/&prefix=Folder_11.10.2014_22.11/CV_MAGNETIC/V_220716/CHUNK_4805415/SFILE_CONTAINER_001.FOLDER/
HTTP/1.1", upstream:
"http://10.25.100.2:80//user.backup?delimiter=/&prefix=Folder_11.10.2014_22.11/CV_MAGNETIC/V_220716/CHUNK_4805415/SFILE_CONTAINER_001.FOLDER/";,
host: "10.25.100.250"
2015/01/18 08:30:19 [error] 11945#0: *8940498 recv() failed (104:
Connection reset by peer) while reading response header from upstream,
client: 10.12.130.10, server: , request: "HEAD
//user.backup/Folder_11.10.2014_22.11/CV_MAGNETIC/V_215179/_DIRECTORY_HOLDER_
HTTP/1.1", upstream:
"http://10.25.100.2:80//user.backup/Folder_11.10.2014_22.11/CV_MAGNETIC/V_215179/_DIRECTORY_HOLDER_";,
host: "10.25.100.250"
2015/01/18 08:30:20 [error] 11945#0: *8940475 recv() failed (104:
Connection reset by peer) while reading response header from upstream,
client: 10.12.130.10, server: , request: "HEAD
//user.backup/Folder_11.10.2014_22.11/CV_MAGNETIC/V_220685/CHUNK_4805417/_DIRECTORY_HOLDER_
HTTP/1.1", upstream:
"http://10.25.100.2:80//user.backup/Folder_11.10.2014_22.11/CV_MAGNETIC/V_220685/CHUNK_4805417/_DIRECTORY_HOLDER_";,
host: "10.25.100.250"
2015/01/18 09:05:40 [error] 11945#0: *8948226 upstream timed out (110:
Connection timed out) while reading response header from upstream,
client: 10.12.130.10, server: , request: "POST //user.backup?delete
HTTP/1.1", upstream: "http://10.25.100.2:80//user.backup?delete";, host:
"10.25.100.250"
2015/01/18 09:06:12 [error] 11945#0: *8948386 upstream timed out (110:
Connection timed out) while reading response header from upstream,
client: 10.12.130.10, server: , request: "POST //user.backup?delete
HTTP/1.1", upstream: "http://10.25.100.2:80//user.backup?delete";, host:
"10.25.100.250"
It looks to mainly be doing it around deletes.
10.25.100.250 is a load balanced vip on a firewall. It balances
10.25.100.1 and .2
Each obj gateway has tengine ssl proxy and radosgw with civetweb
Is there something we are missing, or done incorrectly?
Thanks,
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
