我们让nginx作为反向代理坐在独角兽的Rails应用前面。Nginx代理服务器SSL请求超过5秒的https请求中的破管
我们没有覆盖任何超时默认值。
我的问题是:
请求一个页面,通过HTTP花费超过5秒。当它工作正常。
当请求一个超过httpS超过5秒的特定页面时,我得到一个324(服务器的空响应) 在系统上请求任何其他页面时,它只能通过https工作。
我可以确认这是一个计时问题,因为我剥离了模板,并将睡眠模式设置为6,以使模板等待呈现空白。
该请求有几个subrequests js和css,这些单独调用时工作正常。
nginx错误日志在出现问题url时显示套接字读取错误。
当HTTP做模板渲染和子请求,
当在HTTPS失败的URL,它发送请求上游两次但死在那里,不发送子请求。 (导轨应用声称它呈现它确定)
奇怪的是,它发送的原始请求两次至上游, 然后死,
日志和配置文件如下,
NGINX错误日志(仅在HTTPS上读取需要很长时间渲染的特定网址时):
2012/11/06 15:05:00 [info] 5717#0:* 4012 SSL_write()failed(SSL :) (32:断管),同时读取上游,客户:10.2.20.98,ser ver:cloud.zia4buildings.com,请求:“GET/admin/datasets HTTP/1.1”,上游:“http://127.0.0.1:3000/admin/datasets”,主机:“cloud.zia4buildings.com”,引用者:“https://cloud.zia4buildings.com/admin/sage_categories”
2012/11/06 15:05:03 [info] 5717#0:* 4027 SSL_write()失败(SSL :)(32:当读取上游时,客户端:10.2.20.98,服务器:cloud.zia4buildings.com,请求:“GET/admin/datasets HTTP/1.1”,上游:“http://127.0.0.1:3000/admin/datasets ”主机 “cloud.zia4buildings.com”,引荐: “https://cloud.zia4buildings.com/admin/sage_categories”
[编辑] 问题是超时在https代理通, if我在任何页面(甚至是一个超轻的页面)中投入6秒睡眠,然后https请求失败。
**APPLICATION LOGS:**
(my comments in (-- --)
**HTTP:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:19:40 -0700
Processing by Admin::DatasetsController#index as HTML
(-- lots of these ok --)
Rendered admin/datasets/_dataset.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (5.4ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5694.0ms)
Completed 200 OK in 5704ms (Views: 5171.9ms | ActiveRecord: 531.4ms)
Started GET "/stylesheets/dyn_stylesheets/dynamic.css" for 127.0.0.1 at 2012-11-06 09:15:31 -0700
Processing by DynStylesheetsController#index as CSS
Parameters: {"id"=>"dynamic"}
Exist fragment? views/rating_system_css_colors (1.4ms)
Read fragment views/rating_system_css_colors (0.1ms)
Exist fragment? views/leed_category_css_colors (0.4ms)
Read fragment views/leed_category_css_colors (0.0ms)
Exist fragment? views/sage_category_css_colors (0.3ms)
Read fragment views/sage_category_css_colors (0.0ms)
Exist fragment? views/node_css_colors (3.3ms)
Read fragment views/node_css_colors (0.0ms)
Rendered dyn_stylesheets/dynamic.css.erb (9.8ms)
Completed 200 OK in 17ms (Views: 12.1ms | ActiveRecord: 4.0ms)
(-- EOF HTTP success request --)
**HTTPS:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:44 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.8ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (3.0ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5973.3ms)
Completed 200 OK in 5982ms (Views: 5419.4ms | ActiveRecord: 561.5ms)
(-- (here starts a second, identical request without no apparent reason) --)
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:47 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.9ms)
Rendered admin/datasets/_set_field.html.erb (0.5ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5944.9ms)
Completed 200 OK in 5955ms (Views: 5419.8ms | ActiveRecord: 549.8ms)
(-- here the browser gets the error 324, empty response --)
CONF:
这是典型的配置:
upstream unicorn_server {
# this socket is set up on the config/unicorn.rb file
server unix:/home/sage/apps/sage/production/shared/.unicorn.sock;
}
server {
listen 80;
root /home/sage/apps/sage/production/current/public;
location/{
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
server {
listen localhost:443;
listen 10.2.20.84:443;
ssl on;
ssl_certificate /etc/ssl/certs/cert.chained.crt;
ssl_certificate_key /etc/ssl/certs/cert.com.key;
root /home/sage/apps/sage/production/current/public;
location/{
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
在正确的方向指针的任何大加赞赏,
谢谢!