Hendrik Schumacher | 1 Jul 01:48 2011
Picon

Problem with request body and client_body_in_single_buffer

Hi,

I just had a hard time tracking down the following issue:

I have an apache with mod_perl running behind nginx 0.8.54. In my mod_perl
application decoding large file uploads in multipart/form-data failed. It
seems that the beginning of the request body was repeated (resulting in
one small truncated file and one large corrupt file with no ending
boundary). After deep-debugging my application I disabled nginx and the
upload worked again. So I inspected the nginx settings and commenting out
the following line makes my problem go away:

client_body_in_single_buffer on;

Could it be that nginx somehow doubles the beginning of the request body
if it detects that the client body does not fit in a buffer?

The nginx config also contains the following settings (I left away
path/file configs and other things that are unlikely to provoke this
behaviour):

  proxy_redirect          off;
  proxy_set_header        Host            $host;
  proxy_buffering on;
  proxy_buffer_size 4k;
  proxy_buffers 16 4k;
  proxy_busy_buffers_size 8k;

  default_type application/octet-stream;
  access_log off;
(Continue reading)

Maxim Dounin | 1 Jul 07:53 2011
Picon

Re: upstream: ip_hash and backup

Hello!

On Thu, Jun 30, 2011 at 08:31:35PM +0100, John Moore wrote:

> On 30/06/11 19:49, Maxim Dounin wrote:
> >Hello!
> >
> >On Thu, Jun 30, 2011 at 07:35:24PM +0100, John Moore wrote:
> >
> >>I'm using the upstream module to load balance between 2 back-end
> >>servers, using ip_hash to effect a kind of 'stickiness' (making it
> >>more likely that subsequent requests from the same client will go to
> >>the same back-end server). Now I want to add a 3rd back-end server
> >>into the mix, but which will only come into play if the other 2 are
> >>failing. There's a handy 'backup' parameter I can use for this,
> >>except that according to the docs it cannot be combined with the
> >>ip_hash directive. I'm wondering whether there is some other way to
> >>achieve what I want here? Effectively, the ip_hash becomes
> >>irrelevant once it's failed over to this backup server as there is
> >>only one.
> >Use error_page based fallback instead, i.e. something like this:
> >
> >     upstream backends {
> >         ip_hash;
> >         server 10.0.0.1;
> >         server 10.0.0.2;
> >     }
> >
> >     upstream backup {
> >         server 10.0.0.3;
(Continue reading)

Peter Pang via LinkedIn | 1 Jul 13:28 2011
Picon

Invitation to connect on LinkedIn

LinkedIn

Peter Pang requested to add you as a connection on LinkedIn:

Evert,

I'd like to add you to my professional network on LinkedIn.

- Peter

 
View invitation from Peter Pang

 

DID YOU KNOW your LinkedIn profile helps you control your public image when people search for you?
Setting your profile as public means your LinkedIn profile will come up when people enter your name in leading search engines. Take control of your image!

 

© 2011, LinkedIn Corporation

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx
Danny Glover | 1 Jul 15:40 2011
Picon

Nginx Module Concurrency Query

Hello, 

I have been trying to get a simple nginx_module working. I referred
http://www.evanmiller.org/nginx-modules-guide.html and found it very
useful. 

The module takes "http://10.90.50.31:1257/hello?w=lelj&ljd=22112" and
sleeps for few sec and simply prints the URI. 

Here is the code :-
----
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>
#include <unistd.h>

static char *ngx_http_hello_world(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf);

static ngx_command_t  ngx_http_hello_world_commands[] = {

  { ngx_string("hello_world"),
    NGX_HTTP_LOC_CONF|NGX_CONF_NOARGS,
    ngx_http_hello_world,
    0,
    0,
    NULL },

    ngx_null_command
};

//static u_char  ngx_hello_world[] = "elcome world";

static ngx_http_module_t  ngx_http_hello_world_module_ctx = {
  NULL,                          /* preconfiguration */
  NULL,                          /* postconfiguration */

  NULL,                          /* create main configuration */
  NULL,                          /* init main configuration */

  NULL,                          /* create server configuration */
  NULL,                          /* merge server configuration */

  NULL,                          /* create location configuration */
  NULL                           /* merge location configuration */
};

ngx_module_t ngx_http_hello_world_module = {
  NGX_MODULE_V1,
  &ngx_http_hello_world_module_ctx, /* module context */
  ngx_http_hello_world_commands,   /* module directives */
  NGX_HTTP_MODULE,               /* module type */
  NULL,                          /* init master */
  NULL,                          /* init module */
  NULL,                          /* init process */
  NULL,                          /* init thread */
  NULL,                          /* exit thread */
  NULL,                          /* exit process */
  NULL,                          /* exit master */
  NGX_MODULE_V1_PADDING
};

int sum(int a, int b)
{
        return a+b;
}

static ngx_int_t ngx_http_hello_world_handler(ngx_http_request_t *r)
{
  ngx_buf_t    *b;
  ngx_chain_t   out;

  r->headers_out.content_type.len = sizeof("text/html") - 1;
  r->headers_out.content_type.data = (u_char *) "text/html";

  b = ngx_pcalloc(r->pool, sizeof(ngx_buf_t));

  out.buf = b;
  out.next = NULL;

  b->pos = (r->args).data;
  b->last = (r->args).data + (r->args).len;
  b->memory = 1;
  b->last_buf = 1;

  usleep(1500000);

  r->headers_out.status = NGX_HTTP_OK;
  r->headers_out.content_length_n = (r->args).len;
  ngx_http_send_header(r);

  return ngx_http_output_filter(r, &out);
}

static char *ngx_http_hello_world(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf)
{
  ngx_http_core_loc_conf_t  *clcf;

  clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
  clcf->handler = ngx_http_hello_world_handler;

  return NGX_CONF_OK;
}
-----

nginx.conf 
###########
worker_processes  4;
events {
    worker_connections  1024;
}
....  # ... # 

                location = /hello {
                        hello_world ;
                }
#########

But I guess, I am missing something here. 

I tried ab (Apache benchmarking) on it, and I found that response time
degrades on increasing concurrency. 

# ab -c 10 -n 100 "http://10.90.50.31:1257/hello?w=lelj&ljd=22112" 
...
Time per request:       3804.810 [ms] (mean)
...

# ab -c 20 -n 100 "http://10.90.50.31:1257/hello?w=lelj&ljd=22112" 
...
Time per request:       7587.228 [ms] (mean)
...

# ab -c 30  -n 100 "http://10.90.50.31:1257/hello?w=lelj&ljd=22112"
...
Time per request:       11376.207 [ms] (mean)
.... 

The response time was 11376ms, 7587ms, 3804ms for 30, 20, 10 concurrency
respectively.  
I am not sure what I am missing. 

Can someone please guide me on how do I make this module scale? 

- Danny

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,211552,211552#msg-211552

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

Maxim Dounin | 1 Jul 16:07 2011
Picon

Re: Nginx Module Concurrency Query

Hello!

On Fri, Jul 01, 2011 at 09:40:20AM -0400, Danny Glover wrote:

> I have been trying to get a simple nginx_module working. I referred
> http://www.evanmiller.org/nginx-modules-guide.html and found it very
> useful. 
> 
> The module takes "http://10.90.50.31:1257/hello?w=lelj&ljd=22112" and
> sleeps for few sec and simply prints the URI. 
> 
> Here is the code :-

[...]

>   usleep(1500000);

[...]

> The response time was 11376ms, 7587ms, 3804ms for 30, 20, 10 concurrency
> respectively.  
> I am not sure what I am missing. 
> 
> Can someone please guide me on how do I make this module scale? 

The behaviour you see is expected: you can't sleep as it will 
block all requests in a worker process.  Welcome to event-based 
programming. :)

You have to arm timer and return back to event loop, then continue 
processing once event fires.  You may take a look how to do this 
in standard limit_req module, though it will require some adaption 
for handler module.  In particular, you'll have to return NGX_DONE 
and then finalize request yourself, much like it's done when 
reading request body.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

bindsocket | 1 Jul 17:58 2011
Picon

auth_basic not requiring Authorization

Having a huge problem with the auth_basic.  Despite putting in the exact
same lines as what I found in many examples, the web server is still
allowing access even without sending any authorization.
Relevent conf bits:

server {
    listen 80;
    server_name  my.servers.name.com;
    log_format fullCombined '$remote_addr - $http_x_forwarded_for
$remote_user [$time_local]  '
                            '"$request" $http_content_length $status
$body_bytes_sent '
                            '"$http_referer" "$http_user_agent"';
    access_log  /var/log/nginx/access.log fullCombined;
    error_log /var/log/nginx/error.log;

    root /var/www/current/pub;

    client_body_buffer_size 1024k;

## Default location
    location / {
        index  index.php;

        auth_basic "Ingester";
        auth_basic_user_file .htpasswd;

        rewrite ^index.php(.*)$ /index.php?/$1 last;
        if (!-f $request_filename) {
                rewrite ^/(.*)$ /index.php?/$1 last;
                break;
        }

    }
## Parse all .php file in the /var/www directory
    location ~ .php$ {
        fastcgi_pass   backend;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME 
$document_root$fastcgi_script_name;
        include /etc/nginx/fastcgi_params;
        fastcgi_param  QUERY_STRING     $query_string;
        fastcgi_param  REQUEST_METHOD   $request_method;
        fastcgi_param  CONTENT_TYPE     $content_type;
        fastcgi_param  CONTENT_LENGTH   $content_length;
        fastcgi_intercept_errors        on;
        fastcgi_ignore_client_abort     off;
        fastcgi_connect_timeout 60;
        fastcgi_send_timeout 180;
        fastcgi_read_timeout 180;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }

## Disable viewing .htaccess & .htpassword
    location ~ /\.ht {
        deny  all;
    }
}

Thanks in advance,
Brian

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,211601,211601#msg-211601

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

Maxim Dounin | 1 Jul 18:17 2011
Picon

Re: auth_basic not requiring Authorization

Hello!

On Fri, Jul 01, 2011 at 11:58:08AM -0400, bindsocket wrote:

> Having a huge problem with the auth_basic.  Despite putting in the exact
> same lines as what I found in many examples, the web server is still
> allowing access even without sending any authorization.
> Relevent conf bits:
> 
> server {
>     listen 80;

[...]

> ## Default location
>     location / {
>         index  index.php;
> 
>         auth_basic "Ingester";
>         auth_basic_user_file .htpasswd;

You have auth_basic in your "location /", so everything that ends 
up here will be protected.

[...]

> ## Parse all .php file in the /var/www directory
>     location ~ .php$ {
>         fastcgi_pass   backend;

But you don't have auth_basic in "location ~ \.php$" (btw, you 
missed "\" before "."), and anything here won't be protected.

You have to move auth_basic to server{} level to protect 
everything (or add it to all relevant locations if you have some 
which doesn't need protection).

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

Jim Ohlstein | 1 Jul 18:19 2011
Picon

Re: auth_basic not requiring Authorization

On 7/1/11 11:58 AM, bindsocket wrote:
> Having a huge problem with the auth_basic.  Despite putting in the exact
> same lines as what I found in many examples, the web server is still
> allowing access even without sending any authorization.
> Relevent conf bits:
> 
> server {
>     listen 80;
>     server_name  my.servers.name.com;
>     log_format fullCombined '$remote_addr - $http_x_forwarded_for
> $remote_user [$time_local]  '
>                             '"$request" $http_content_length $status
> $body_bytes_sent '
>                             '"$http_referer" "$http_user_agent"';
>     access_log  /var/log/nginx/access.log fullCombined;
>     error_log /var/log/nginx/error.log;
> 
>     root /var/www/current/pub;
> 
>     client_body_buffer_size 1024k;
> 
> ## Default location
>     location / {
>         index  index.php;
> 
>         auth_basic "Ingester";
>         auth_basic_user_file .htpasswd;
> 
>         rewrite ^index.php(.*)$ /index.php?/$1 last;
>         if (!-f $request_filename) {
>                 rewrite ^/(.*)$ /index.php?/$1 last;
>                 break;
>         }
> 
>     }
> ## Parse all .php file in the /var/www directory
>     location ~ .php$ {
>         fastcgi_pass   backend;
>         fastcgi_index  index.php;
>         fastcgi_param  SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>         include /etc/nginx/fastcgi_params;
>         fastcgi_param  QUERY_STRING     $query_string;
>         fastcgi_param  REQUEST_METHOD   $request_method;
>         fastcgi_param  CONTENT_TYPE     $content_type;
>         fastcgi_param  CONTENT_LENGTH   $content_length;
>         fastcgi_intercept_errors        on;
>         fastcgi_ignore_client_abort     off;
>         fastcgi_connect_timeout 60;
>         fastcgi_send_timeout 180;
>         fastcgi_read_timeout 180;
>         fastcgi_buffer_size 128k;
>         fastcgi_buffers 4 256k;
>         fastcgi_busy_buffers_size 256k;
>         fastcgi_temp_file_write_size 256k;
>     }

The above location block is outside the location block that handles PHP
scripts.

You may try

## Default location
    location / {
        index  index.php;

        auth_basic "Ingester";
        auth_basic_user_file .htpasswd;

        rewrite ^index.php(.*)$ /index.php?/$1 last;
        if (!-f $request_filename) {
                rewrite ^/(.*)$ /index.php?/$1 last;
                break;
        }

 	location ~ \.php {
	    fastcgi pass backend;
	    ...
	}

    }

Not also that this is an inefficient setup using "if". See
http://wiki.nginx.org/IfIsEvil. A "try_files" expression would be more
efficient.

Something like

server {

...

  location / {
        index  index.php;

        auth_basic "Ingester";
        auth_basic_user_file .htpasswd;

        rewrite ^index.php(.*)$ /index.php?/$1 last;
        try_files $uri $uri/  <at> rfallback;

 	location ~ \.php {
	    fastcgi pass backend;
	    ...
	}

    }

    location  <at> fallback {
	rewrite ^/(.*)$ /index.php?/$1 last;
    }

    ...

}

> 
> ## Disable viewing .htaccess & .htpassword
>     location ~ /\.ht {
>         deny  all;
>     }
> }
> 
> Thanks in advance,
> Brian
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,211601,211601#msg-211601
> 
> 
> _______________________________________________
> nginx mailing list
> nginx@...
> http://nginx.org/mailman/listinfo/nginx

--

-- 
Jim Ohlstein

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

Igor Sysoev | 1 Jul 20:27 2011
Picon

Re: auth_basic not requiring Authorization

On Jul 1, 2011, at 19:58 , bindsocket wrote:

> Having a huge problem with the auth_basic.  Despite putting in the exact
> same lines as what I found in many examples, the web server is still
> allowing access even without sending any authorization.
> Relevent conf bits:
> 
> server {
>    listen 80;
>    server_name  my.servers.name.com;
>    log_format fullCombined '$remote_addr - $http_x_forwarded_for
> $remote_user [$time_local]  '
>                            '"$request" $http_content_length $status
> $body_bytes_sent '
>                            '"$http_referer" "$http_user_agent"';
>    access_log  /var/log/nginx/access.log fullCombined;
>    error_log /var/log/nginx/error.log;
> 
>    root /var/www/current/pub;
> 
>    client_body_buffer_size 1024k;
> 
> ## Default location
>    location / {
>        index  index.php;
> 
>        auth_basic "Ingester";
>        auth_basic_user_file .htpasswd;
> 
>        rewrite ^index.php(.*)$ /index.php?/$1 last;
>        if (!-f $request_filename) {
>                rewrite ^/(.*)$ /index.php?/$1 last;
>                break;
>        }
> 
>    }
> ## Parse all .php file in the /var/www directory
>    location ~ .php$ {
>        fastcgi_pass   backend;
>        fastcgi_index  index.php;
>        fastcgi_param  SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>        include /etc/nginx/fastcgi_params;
>        fastcgi_param  QUERY_STRING     $query_string;
>        fastcgi_param  REQUEST_METHOD   $request_method;
>        fastcgi_param  CONTENT_TYPE     $content_type;
>        fastcgi_param  CONTENT_LENGTH   $content_length;
>        fastcgi_intercept_errors        on;
>        fastcgi_ignore_client_abort     off;
>        fastcgi_connect_timeout 60;
>        fastcgi_send_timeout 180;
>        fastcgi_read_timeout 180;
>        fastcgi_buffer_size 128k;
>        fastcgi_buffers 4 256k;
>        fastcgi_busy_buffers_size 256k;
>        fastcgi_temp_file_write_size 256k;
>    }
> 
> ## Disable viewing .htaccess & .htpassword
>    location ~ /\.ht {
>        deny  all;
>    }
> }

   location / {
       index  index.php;

       auth_basic "Ingester";
       auth_basic_user_file .htpasswd;

       try_files  $uri  /index.php?$uri;

       location ~ ^/index.php(/.*)$ {
           fastcgi_index  index.php;
           fastcgi_param  SCRIPT_FILENAME   $document_root$index.php;
           include /etc/nginx/fastcgi_params;
           fastcgi_param  QUERY_STRING     $1;
           ...
       }

       location ~ \.php$ {
           fastcgi_pass   backend;
           fastcgi_index  index.php;
           fastcgi_param  SCRIPT_FILENAME   $document_root$fastcgi_script_name;
           include /etc/nginx/fastcgi_params;
           fastcgi_param  QUERY_STRING     $query_string;
           ...
       }

   }

## Disable viewing .htaccess & .htpassword
   location ~ /\.ht {
       deny  all;
   }
}

--
Igor Sysoev
http://sysoev.ru/en/

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx

adam | 2 Jul 02:01 2011
Picon

Worker processes in hung state after reload

We use Nginx as a reverse proxy.  After 2 or 3 reloads (kill -HUP), the
parent's one child worker process remains "stuck"; the parent spawns a
new one which is also often "stuck."

The number of worker_processes we have configured is 1. After a reload,
there are 2 workers in the process list. After another reload, 3
workers, and so on. Usually all of these workers are in state R. When we
strace them, we see no system calls, but they are sucking on user CPU.
They are unable to serve requests. One time (seen in detail below), a
new worker was spawned and it was *not* in state R, but state S, and was
able to serve requests, until we issued another reload.

Of course what should happen is, after a reload, we should only ever
have one worker process which is able to serve requests.

Details below, including our config. We can provide lsof, strace, debug
log of the reproduction case if needed.

#############

07/01 23:10[root <at> proxy ~]# cat /etc/redhat-release 
CentOS release 5.6 (Final)

07/01 23:10[root <at> proxy ~]# uname -a
Linux proxy 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:39:36 EST 2008 i686
i686 i386 GNU/Linux

07/01 23:10[root <at> proxy ~]# nginx -V
nginx version: nginx/0.8.54
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48)
TLS SNI support disabled
configure arguments: --user=nginx --group=nginx
--prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi
--pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx
--with-http_ssl_module --with-http_realip_module
--with-http_addition_module --with-http_xslt_module
--with-http_image_filter_module --with-http_sub_module
--with-http_gzip_static_module --with-http_random_index_module
--with-http_secure_link_module --with-http_degradation_module
--with-http_stub_status_module --with-http_perl_module --with-ipv6
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386
-mtune=generic -fasynchronous-unwind-tables' --with-cc-opt='-O2 -g -pipe
-Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic
-fasynchronous-unwind-tables'
--add-module=src/http/modules/nginx_syslog_patch
--add-module=src/http/modules/nginx_upstream_module
--add-module=src/http/modules/nginx_ajp_module

(Note above that we have a few third-party modules added for syslog and
upstream health checking.)

#############

## From fresh start:

07/01 22:42[root <at> proxy ~]# /etc/init.d/nginx stop
Stopping nginx:                                            [  OK  ]
07/01 22:43[root <at> proxy ~]# ps wwwaxuf | grep nginx
root     23433  0.0  0.0   4884   704 pts/2    S+   22:43   0:00  |     
 \_ grep nginx

## It's not running. Now, start it:

07/01 22:43[root <at> proxy ~]# /etc/init.d/nginx start
Starting nginx:                                            [  OK  ]
07/01 22:43[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.0  13080  1564 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23464  0.0  0.1  13224  2124 ?        S    22:43   0:00  \_
nginx: worker process

07/01 22:44[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:45[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13612  4580 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23580  0.0  0.1  13744  2684 ?        S    22:45   0:00  \_
nginx: worker process

07/01 22:45[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:46[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13652  4600 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23787  0.0  0.1  13652  2600 ?        S    22:46   0:00  \_
nginx: worker process
07/01 22:46[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13652  4600 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23787  0.0  0.1  13652  2600 ?        S    22:46   0:00  \_
nginx: worker process

07/01 22:46[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:46[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830  0.0  0.1  13784  2672 ?        S    22:46   0:00  \_
nginx: worker process
07/01 22:46[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 27.3  0.2  14336  4096 ?        R    22:46   0:11  \_
nginx: worker process

07/01 22:47[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:47[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 28.0  0.2  14336  4096 ?        R    22:46   0:13  \_
nginx: worker process
nginx    23907  0.0  0.1  13784  2620 ?        S    22:47   0:00  \_
nginx: worker process
07/01 22:47[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 29.4  0.2  14336  4096 ?        R    22:46   0:15  \_
nginx: worker process
nginx    23907  0.0  0.1  13784  2704 ?        S    22:47   0:00  \_
nginx: worker process
07/01 22:47[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 34.4  0.2  14336  4096 ?        R    22:46   0:30  \_
nginx: worker process
nginx    23907  0.0  0.1  13784  2916 ?        S    22:47   0:00  \_
nginx: worker process

07/01 22:49[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:49[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 38.1  0.2  14336  4096 ?        R    22:46   1:12  \_
nginx: worker process
nginx    24145  0.0  0.1  13784  2712 ?        S    22:49   0:00  \_
nginx: worker process
07/01 22:49[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:50[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4616 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 37.5  0.2  14336  4096 ?        R    22:46   1:16  \_
nginx: worker process
nginx    24185 38.6  0.1  13784  3424 ?        R    22:50   0:01  \_
nginx: worker process

07/01 22:50[root <at> proxy ~]# /etc/init.d/nginx reload
Reloading nginx:                                           [  OK  ]
07/01 22:50[root <at> proxy ~]# ps wwwaxuf | grep nginx | egrep -v
'grep|strace'
root     23463  0.0  0.2  13784  4620 ?        Ss   22:43   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    23830 35.5  0.2  14336  4096 ?        R    22:46   1:20  \_
nginx: worker process
nginx    24185 19.9  0.1  13784  3424 ?        R    22:50   0:04  \_
nginx: worker process
nginx    24318 31.0  0.2  13924  3620 ?        R    22:50   0:01  \_
nginx: worker process

#############

07/01 23:06[root <at> proxy ~]# egrep -v '^#|^$' /etc/nginx/nginx.conf
user              nginx;
worker_processes  1;
syslog local2 nginx;
error_log  syslog:warn|/var/log/nginx/error.log;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}   
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local]
"$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  syslog:warn|/var/log/nginx/access.log  main;
    sendfile        on;
    keepalive_timeout  65;
    gzip  on;
    server {
        listen       80;
        server_name  _;
        location /nginx-status {
            stub_status on;
            access_log off;
            allow 10.0.0.0/8;
            allow 127.0.0.1;
            deny all;
        }   
        location /upstream-status {
            check_status;
            access_log off;
            allow 10.0.0.0/8;
            allow 127.0.0.1;
            deny all;
        }   
        error_page  404     /404.html;
        location = /404.html {
            root   /usr/share/nginx/error;
        }   
        error_page  403     /403.html;
        location = /403.html {
            root   /usr/share/nginx/error;
        }   
        error_page  500 502 504   /500.html;
        location = /500.html {
            root   /usr/share/nginx/error;
        }   
        error_page  503     /503.html;
        location = /503.html {
            root   /usr/share/nginx/error;
        }   
        set $global_ssl_redirect 'yes';
        if ($request_filename ~ "nginx-status") {
            set $global_ssl_redirect 'no';
        }
        if ($request_filename ~ "upstream-status") {
            set $global_ssl_redirect 'no';
        }
        if ($global_ssl_redirect ~* '^yes$') {
            rewrite ^ https://$host$request_uri? permanent;
            break;
        }
    }
    include upstream.conf;
    server {
        listen  443;
        server_name  _;
        ssl on;
        ssl_certificate certs/certchain.crt;
        ssl_certificate_key certs/certchain.key;
        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers HIGH;
        set_real_ip_from 10.0.0.0/8;
        real_ip_header X-Forwarded-For;
        add_header X-Forwarded-For $proxy_add_x_forwarded_for;
        add_header Cache-Control public;
        location / {
            proxy_pass http://appserver_http;
            proxy_connect_timeout 10s;
            proxy_next_upstream error timeout invalid_header http_500
http_503 http_502 http_504;
            proxy_set_header Host $host;
            if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)") {
                expires 365d;
                break;
            }
        }
        error_page  404     /404.html;
        location = /404.html {
            root   /usr/share/nginx/error;
        }
        error_page  403     /403.html;
        location = /403.html {
            root   /usr/share/nginx/error;
        }
        error_page  500 502 504   /500.html;
        location = /500.html {
            root   /usr/share/nginx/error;
        }
        error_page  503     /503.html;
        location = /503.html {
            root   /usr/share/nginx/error;
        }
    }
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,211695,211695#msg-211695

_______________________________________________
nginx mailing list
nginx@...
http://nginx.org/mailman/listinfo/nginx


Gmane