My website is running in a Docker Image using Nginx with reverse proxy.
Site is working prefectly for many hours under heavy traffic, but eventually it stops working and giving no response with 5** time out error.
In AWS Elastic Beanstalks Nginx-log I found this error-message:
[alert] 18037#0: 1024 worker_connections are not enough
I am afraid something is wrong with my custom Nginx-config,
but I do not understand what it is.
Code from https-redirect-docker-sc.config is attached.
I have tried to debug code to find any memory leaks or loops, but I can not find any solution.
files:
"/etc/nginx/sites-available/elasticbeanstalk-nginx-docker-proxy.conf":
owner: root
group: root
mode: "000755"
content: |
map $http_upgrade $connection_upgrade {
default "upgrade";
"" "";
}
server {
listen 80;
server_name mydomain.no;
return 301 https://www.mydomain.no$request_uri;
}
server {
listen 80 default_server;
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log;
location / {
set $redirect 0;
if ($http_x_forwarded_proto != "https") {
set $redirect 1;
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect 0;
}
if ($redirect = 1) {
return 301 https://$host$request_uri;
}
proxy_pass http://docker;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Default value for Nginx worker_connections is 1024, which is not enough for you.
Add events block before http in your nginx.conf, so it looks like this:
events {
worker_connections 4096; ## Default: 1024
}
http {
include conf/mime.types;
.....
}
You can also increase number of worker_processes(default = 1), so the total amount of connections your server can handle would be worker_processes * worker_connections
Please check here the full example configuration
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
I have a website setup in Elastic Beanstalk, but when I enter the website.com URL in a browser, it auto directs me to https//website.com and is missing the colon... it works if I add www.website.com though... or if I type https://www.website.com.
The contents of a .ebextensions/prod01.config file
files:
/etc/nginx/conf.d/proxy.conf:
owner: root
group: root
mode: "000644"
content: |
# Elastic Beanstalk Managed
# Elastic Beanstalk managed configuration file
# Some configuration of nginx can be by placing files in /etc/nginx/conf.d
# using Configuration Files.
# http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/customize-containers.html
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
server_name website.com;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
set $redirect 0;
if ($http_x_forwarded_proto != "https") {
set $redirect 1;
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect 0;
}
if ($redirect = 1) {
return 301 https://www.heyants.com$request_uri;
}
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 8080;
server_name www.website.com;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
set $redirect 0;
if ($http_x_forwarded_proto != "https") {
set $redirect 1;
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect 0;
}
if ($redirect = 1) {
return 301 https://$host$request_uri;
}
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
}
/opt/elasticbeanstalk/hooks/configdeploy/post/99_kill_default_nginx.sh:
owner: root
group: root
mode: "000755"
content: |
#!/bin/bash -xe
rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
if [[ -e /etc/init/nginx.conf ]] ; then
echo Using initctl to stop and start nginx
initctl stop nginx || true
initctl start nginx
else
echo Using service to stop and start nginx
service nginx stop
service nginx start
fi
container_commands:
removeconfig:
command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
Update
I have updated to use one of the AWS references provided below; but one condition of the redirect still does not work; I hope that with this clear update a truly canonical solution for all can be found.
website.com SUCCESSFULLY REDIRECTS TO https://www.website.com
www.website.com SUCCESSFULLY REDIRECTS TO https://www.website.com
https://www.website.com SUCCESSFULLY REDIRECTS TO https://www.website.com
http://www.website.com SUCCESSFULLY REDIRECTS TO
https://website.com
http://website.com FAILS TO REDIRECT TO https://www.website.com
https://website.com FAILS TO REDIRECT TO https://www.website.com; it takes them to https//www.website.com (Missing a colon)
Update your AWS Elastic Beanstalk config file that is residing here "/etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf" with the following content according to your requirements:
location / {
set $redirect 0;
if ($http_x_forwarded_proto != "https") {
set $redirect 1;
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect 0;
}
if ($redirect = 1) {
return 301 https://$host$request_uri;
}
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
I tested with your configuration:
Request: GET http://website.com/ --> Reponse: 301, Location: http://https://www.website.com/
the second semicolon is removed by browser. It is unexpected, bug perhaps.
Can you try to use rewrite instead:
listen 8080;
server_name website.com;
...
if ($redirect = 1) {
rewrite ^(.*) https://www.website.com$1 permanent;
}
Request: GET https://website.com/ --> FAILED
On website.com rule it redirect to https://www.website.com/ only if its http. If you want https://website.com/ redirects to https://www.website.com/ then add
listen 8080;
server_name website.com;
...
if ($host = "website.com") {
rewrite ^(.*) https://www.website.com$1 permanent;
}
I followed these two posts, but without any luck
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/java-se-nginx.html
https://davidojeda.mx/blog/2018/01/11/extend-nginx-config-on-aws-elasticbeanstalk
I just started to play around with elastic beanstalk on hand.
Going with the basics, I started the server with port:8000
I want to do a reverse proxy so it would be listening to port 80 instead.
I did not do this with elb to start with because I want to get to know the basics more before going into elb
this is my index.js which runs the app
const express = require('express');
const app = express();
const port = 8000;
app.get('/', async (req, res) => {
return res.json({ status: true });
});
app.listen(port, () => console.log(`Example app listening on port ${port}!`));
The above would work for sure if the url is http://eb_self_generated_url:8000 so I want to get it working with https://eb_self_generated_url
I was reading a few posts but none of them works though.
in my root, I created .ebextensions/nginx/conf.d/s_proxy.conf and inside I have
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
# this is actually what need to be changed
# I tried changing from http://nodejs to http://localhost:8000 at server which then will make the reverse proxy work
proxy_pass http://localhost:8000;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
gzip on;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml appl$
}
I tried to zip the above and update / deploy but nothing changes
I also tried creating this under my app .ebextensions/proxy.conf
files:
/etc/nginx/conf.d/:
owner: root
group: root
content: |
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
gzip on;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml appl$
# Include the Elastic Beanstalk generated locations
include conf.d/elasticbeanstalk/01_static.conf;
include conf.d/elasticbeanstalk/healthd.conf;
}
still I got no luck with getting the reverse proxy to work.
Anyone able to give me a hand ?
Thank you for any help and suggestions.
did you notice that you are using the port 8081 in nginx config instead your app's port (8000)?
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
What is the best way to force http to https with Elastic Beanstalk that has a Nginx Load Balancer? Https works for the application with the certificate I received from the AWS Certificate Manager, I just want it to make sure that https is always used. Seems like something that should already be built in to AWS. Any help is appreciated.
Create a file that ends with .config in your ebextensions and add the following to it
files:
/etc/nginx/conf.d/proxy.conf:
owner: root
group: root
mode: "000644"
content: |
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
set $redirect 0;
if ($http_x_forwarded_proto != "https") {
set $redirect 1;
}
if ($http_user_agent ~* "ELB-HealthChecker") {
set $redirect 0;
}
if ($redirect = 1) {
return 301 https://$host$request_uri;
}
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
}
/opt/elasticbeanstalk/hooks/configdeploy/post/99_kill_default_nginx.sh:
owner: root
group: root
mode: "000755"
content: |
#!/bin/bash -xe
rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
service nginx stop
service nginx start
container_commands:
removeconfig:
command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
source
You can read more about ebextensions here
Does anyone have a formatted nginx.config file for upgrading AWS EB to allow for web sockets? It would be great to see your example nginx.config files for this. I found I need to setup the nginx.config from this link.
Here's the one I thought was going to work before I tried other things but it and various similar versions I put through a YAML validator gave deployment errors:
files:
/etc/nginx/conf.d/proxy.conf:
content: |
http {
client_max_body_size 50M;
}
client_max_body_size 50M;
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /static {
alias /var/app/current/static;
}
}
container_commands:
removeconfig:
command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
I've tried about a dozen formats I've found across the internet to no avail including from the following links:
Web Socket Issue for Node.js app on AWS EB for Parse Live Query
https://github.com/parse-community/parse-server/issues/3611
I need to change the configuration of my nginx reverse proxy in EB. In my local environment I have all configured fine and working, but when I try to change the proxy_cache_path and other stuff, it's not working.
This is my local configuration (nginx.conf), the important thing here is proxy_cache_path and configure cache section :
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
proxy_cache_path /cache/nginx levels=1:2 keys_zone=cache_zone_name:10m;
server {
listen 80;
server_name mydomain.app, www.mydomain.app;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
#root html;
#index index.html index.htm;
#Config proxy inverse cache
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
# Add cache debugging header
add_header X-Cache-Status $upstream_cache_status;
# Configure cache
proxy_cache cache_zone_name;
proxy_cache_valid any 1m;
proxy_cache_key $scheme$host$request_uri;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include servers/*;
}
I have take from the official documentation and compare with my instances the .ebextensions/proxy.config:
files:
/etc/nginx/conf.d/proxy.conf:
mode: "000644"
owner: root
group: root
content: |
upstream nodejs {
server 127.0.0.1:8081;
keepalive 256;
}
server {
listen 8080;
# proxy_cache_path /home levels=1:2 keys_zone=cache_zone_name:10m;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location / {
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Add cache debugging header
add_header X-Cache-Status $upstream_cache_status;
# Configure cache
# proxy_cache cache_zone_name;
# proxy_cache_valid any 1m;
# proxy_cache_key $scheme$host$request_uri;
}
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /public {
alias /var/app/current/public;
}
}
container_commands:
removeconfig:
command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
I have configured the folder /home for caching, and if I uncomment the lines of proxy_cache_path and Configure Cache section, the deploy is failed.
Any ideas? I have spent more than 2 hours with that with no results... Thanks!!
Ok, I solved just moving the line out of server:
proxy_cache_path /home levels=1:2 keys_zone=cache_zone_name:10m;
server { ... other code }
I hope someone help my question and answer. Thanks!