Hi there
I have an instance on ec2 acting as a load balancer for 4 apache2
servers.
The instance is ubuntu precise with nginx 1.2.3
The instance has 4 computing units and 3.75 GB memory
Everything is working ok, except I get random 503 for some images.
I have a page that loads about 20 images, they never load all, randomly
some
of them don’t load and not the same ones every time.
Any help is appreciated.
nginx.conf:
user www-data;
worker_processes 8;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
}
http {
Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
server_names_hash_bucket_size 64;
map_hash_bucket_size 128;
server_name_in_redirect off;
override default ssl settings
ssl_session_timeout 10m;
proxy_ssl_session_reuse off;
ssl_session_cache shared:SSL:16m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!kEDH:!aNULL:!MD5:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#ssl_ciphers HIGH:!aNULL:!MD5:!kEDH;
#ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:RC4 RSA:
HIGH;
ssl_prefer_server_ciphers on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
Logging Settings
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
Gzip Settings
gzip on;
gzip_disable “msie6”;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json
application/x-javascript
text/xml application/xml application/xml+rss text/javascript;
nginx-naxsi config
Uncomment it if you installed nginx-naxsi
#include /etc/nginx/naxsi_core.rules;
nginx-passenger config
Uncomment it if you installed nginx-passenger
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
Virtual Host Configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /etc/nginx/cw.conf;
}
cw.conf:
upstream cwbackend {
ip_hash;
server cwweb1.domain.com:80;
server cwweb2.domain.com:80;
server cwweb3.domain.com:80;
server cwweb4.domain.com:80;
keepalive 16;
}
upstream cwsecure {
ip_hash;
server cwweb1.domain.com:443;
server cwweb2.domain.com:443;
server cwweb3.domain.com:443;
server cwweb4.domain.com:443;
keepalive 16;
}
server {
listen 80;
server_name cw1.domain.com;
client_max_body_size 30M;
location / {
proxy_http_version 1.1;
# needed to forward user’s IP address to rails
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection “”;
# needed for HTTPS
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_next_upstream error timeout invalid_header http_500;
proxy_connect_timeout 30;
proxy_read_timeout 360;
proxy_pass http://cwbackend;
} #end location
} #end server
server {
listen 443;
ssl on;
ssl_certificate /usr/local/src/certs-2011-2014/sslchain.crt;
ssl_certificate_key /usr/local/src/certs-2011-2014/domain.com.key;
server_name cw1.domain.com;
client_max_body_size 30M;
location / {
proxy_http_version 1.1;
needed to forward user’s IP address to rails
proxy_set_header X-Real-IP $remote_addr;
# needed for HTTPS
proxy_set_header X-FORWARDED-PROTO https;
proxy_set_header X-FORWARDED-SSL on;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Connection "";
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_buffering off;
proxy_connect_timeout 30;
proxy_read_timeout 360;
proxy_pass https://cwsecure;
} #end location
} #end server
backend apache2.conf:
LockFile ${APACHE_LOCK_DIR}/accept.lock
PidFile ${APACHE_PID_FILE}
Timeout 2
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 256 MaxRequestsPerChild 100 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 200 MaxRequestsPerChild 0 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
AccessFileName .htaccess
<Files ~ “^.ht”>
Order allow,deny
Deny from all
Satisfy all
DefaultType None
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
Include mods-enabled/.load
Include mods-enabled/.conf
Include httpd.conf
Include ports.conf
LogFormat “%v:%p %h %l %u %t "%r" %>s %O "%{Referer}i"
"%{User-Agent}i"” vhost_combined
LogFormat “%h %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"”
combined
LogFormat “%h %l %u %t "%r" %>s %O” common
LogFormat “%{Referer}i → %U” referer
LogFormat “%{User-agent}i” agent
Include conf.d/
Include sites-enabled/
backend site config file:
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName cwweb1.domain.com
SSLEngine On
SSLCertificateFile /usr/local/src/domain.com.crt
SSLCertificateKeyFile /usr/local/src/domain.com.key
SSLCertificateChainFile /usr/local/src/intermediate.crt
DocumentRoot /data/www
DirectoryIndex default.php index.php
Options FollowSymLinks
AllowOverride None
<Directory /data/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
ErrorLog /var/log/apache2/error.log
Possible values include: debug, info, notice, warn, error, crit,
alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
Posted at Nginx Forum: