I have nginx as the reverse proxy of uwsgi service, and settings are very simple, just pass the connection to the backend. And when the code has come problem, uwsgi will send a 502 error to nginx, which make nginx only display 502 errors, and in order to check the problem, we have to check the uwsgi log, which is very inconvenient when we are developing. And I search the google which couldn't give me an answer, so is there any method to display code exceptions to nginx instead of just a 502 error.
use --catch-exceptions but use it only in development, as it could show sensible data
Related
I have an application on an EC2 instance behind NGINX. NGINX serves the client as follows
https://localhost:443/org/consumer/consumer-app
My app in the backend only understands
http://localhost:8080/consumer/consumer-app
Both NGINX and app are on the same EC2 instance. I want a way to eliminate the /org/ before I pass the request to the upstream server. I tried rewrite directive but couldn't get it to work. What's the best way to do it?
Also, I want the /org/ reintroduced back by NGINX when responding back to the client.
Any help offered would be greatly appreciated.
Thanks
Gone through HTTP response codes .. and understands the what these response codes(rcodes) stands for
But I am not sure what rcode will be sent to client/consumer(say browser) in below scenario. I am using NGINX as reverse proxy and Apache as HTTP
server running web application(say app) behind the NGINX.
Couple of scenario
Runtime error occurs in app which by throws rcode as 500(runtime error code by default). My understanding is nginx will continue to throw 500 and not convert
it to 502 ?
App is down or not available. My understanding is nginx will throw 503 not 502 in this case ?
App is taking more time to process than nginx default connection time out. My understanding is nginx will throw 504 in this case ?
If all above points are correct not sure when 502 will be thrown by nginx ? When NGINX will consider the response received from upstream server as invalid response ?
NGINX will not alter the 500 from the app as long as it doesn't step on a problem contacting / fetching data from Apache. E.g. it's a perfectly possible situation that your app will generate a 500, but a problem in NGINX communication against Apache will result in a different 50x, so that 50x is the one the client will see.
If Apache is completely down, you should be getting a 502 (bad gateway), because, in your setup, Apache is the gateway for NGINX. The same will happen if NGINX does not "like" Apache's response in a way, e.g. when Apache sends a response which has headers exceeding NGINX's proxy_buffer_size
Yes, you should be getting 504 (gateway timeout), when Apache/app is timing out in relation to NGINX timeouts
See point 2. And the following: NGINX will simply passthrough whichever response code from the upstream (as in gateway = Apache), so it doesn't need to take any consideration on whether a given response is invalid in terms of response codes, by default.
You can have NGINX take error response codes coming from Apache in consideration and act differently by use of proxy_intercept_errors, which combined with error_page, can allow you to "rewrite" response codes / error messages from Apache, e.g. to "masquarade" app failures as Service Unavailable:
error_page 500 =503 /503.html;
proxy_intercept_errors on;
When I search for nginx logstash , most talks about hadling nginx log with logstash.
I'm not doing that.
I'm thinking of putting Nginx in front of logstash.
Is it ok or beneficial to let logstash handle the http requests directly? (Because I couldn't find docs which puts Nginx in front of logstash, I think the term for this pattern is reverse proxy.. although I don't get why it's called reverse nor proxy)
guys!
I build a chat application based on WebSocket. As backend I use PHP and nginx as a proxy for WebSocket connection.
Searching about PHP libs for WS gave me Ratchet. This tools support WAMP protocol. Something about it: http://wamp-proto.org/why/
Well, I've decided to use this protocol - it seems useful. I tuned nginx for proxy WebSocket connections in standard way. And for common using WebSocket at frontend/backend - all is ok.
But, if I start use WAMP at backend and try to use autobahn.js for WAMP at frontend, I catch 426 No Sec-WebSocket-Protocols requested supported as response every time. At PHP I see that connection from nginx is not receiving. So, as I understood, nginx doesn't process connection with WAMP subprotocol in right way.
So, I don't understand, should I use nginx as a proxy for WAMP? WAMP is just a subprotocol for WebSocket, but doesn't work for me.
Does anybody knows where problem is?
Seems like Nginx isn't forwarding the WebSocket subprotocol announced by the client to the backend WAMP router.
Try adding this to your Nginx conf:
proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol
See: https://stackoverflow.com/a/36506746/884770
I hosted my application, and doing some stress tests, I noticed that when shooting around 50 requests in parallel, the server responds HTTP 503.
What does this means? It may be some specific configuration limiting the number of requests from Tomcat?
Thanks.
That typically just means you've run out of threads to handle the request. You could try increasing the maxThreads in your Tomcat server.xml file, or if you're using Apache HTTP server as a front end, you may need to configure your Connector to allow more connections.
A 503 status indicates the service handling the request is unavailable.
The server is currently unable to handle the request due to a
temporary overloading or maintenance of the server.
- HTTP Specification on 503
From time-to-time you'll see this if you're running Tomcat behind Apache, with Apache operating as a proxy. If Apache is unable to contact Tomcat it will return a 503 response.
If you are using Apache httpd as a front-end, you may want to check if there is a firewall between Tomcat and Apache. After having disabled the firewall on the Tomcat machine in our environment, the 503 errors disappeared.
See also this.
Above document also describes other less drastic ways of solving the 503 problem when a firewall is involved.