Giacomo,
Have a look at nginx error and access logs.
Most likely, that's tomcat default timeout fires.
Regards,
Igor.
On 04.07.2018 17:17, Giacomo Arru - BETA Technologies wrote:
Tomcat: 9.0.8 nginx: 1.12.2
I have this configuration:
Vaadin 8 application, served via Tomcat 9.
The application has manual push with websocket transport.
*If I use the app directly from Tomcat,*
-the Websocket connection works correctly.
-the upload within the app of 10mb files works.
*If I use the application through nginx proxy,*
the upload works for very small files only (max 61440 bytes) and the
websocket initially works, but after 30 seconds the application hangs
(I think the websocket gets closed).
This is the nginx configuration:
*nginx.conf*
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local]
"$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format main_ext '$remote_addr - $remote_user [$time_local]
"$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" sn="$server_name" '
'rt=$request_time '
'ua="$upstream_addr" us="$upstream_status" '
'ut="$upstream_response_time" ul="$upstream_response_length" '
'cs=$upstream_cache_status' ;
access_log /var/log/nginx/access.log main_ext;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
include /etc/nginx/mime.types;
default_type application/octet-stream;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# Load modular configuration files from the /etc/nginx/conf.d
directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name demo.myserver.com;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
}
client_body_buffer_size 10M;
client_max_body_size 10M;
gzip on;
send_timeout 600;
proxy_connect_timeout 81640;
proxy_send_timeout 81640;
proxy_read_timeout 81640;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_buffering off;
proxy_redirect off;
proxy_request_buffering off;
types_hash_max_size 2048;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
}
*myvhost.conf*
proxy_cache_path /tmp/NGINX_cache-demo/ levels=1:2 keys_zone=demo:10m
max_size=100m inactive=1h;
upstream demo {
ip_hash;
server 172.16.1.1:8080 max_fails=0 fail_timeout=3s;
keepalive 100;
}
server {
listen 80;
server_name demo.myserver.com;
# Redirect all HTTP to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
server_name demo.impresacloud.com;
listen 443 ssl http2; # managed by Certbot
ssl_certificate
/etc/letsencrypt/live/demo.impresacloud.com/fullchain.pem; # managed
by Certbot
ssl_certificate_key
/etc/letsencrypt/live/demo.impresacloud.com/privkey.pem; # managed by
Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log /var/log/nginx/access_demo.log main_ext;
error_log /var/log/nginx/error_demo.log info;
client_max_body_size 128m;
# disable unsupported ciphers
#ssl_ciphers AESGCM:HIGH:!aNULL:!MD5;
# ssl optimizations
ssl_session_cache shared:SSL:60m;
#sl_session_timeout 60m;
add_header Strict-Transport-Security "max-age=31536000";
client_header_timeout 3m;
client_body_timeout 3m;
# Risolve loop di redirect
location = /app/ {
return 302 /;
}
location = /app {
return 302 /;
}
# A location block is needed per URI group
location / {
#proxy_read_timeout 300;
#proxy_connect_timeout 300;
proxy_cache demo;
proxy_cookie_path /app /;
error_page 500 502 503 504 /server_down.html;
### force timeouts if one of backend is died ##
#proxy_next_upstream error timeout invalid_header http_500
http_502 http_503 http_504;
### Set headers ####
#proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Server $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_ignore_client_abort off;
proxy_redirect off;
### Most PHP, Python, Rails, Java App can use this header ###
#proxy_set_header X-Forwarded-Proto $scheme;
#add_header Front-End-Https on;
#proxy_pass_request_headers On;
#proxy_buffer_size 64k;
#proxy_buffers 16 32k;
#proxy_busy_buffers_size 64k;
#proxy_connect_timeout 3600;
#proxy_read_timeout 84600s;
#proxy_send_timeout 84600s;
#reset_timedout_connection off;
proxy_pass http://demo/app/;
}
location = /server_down.html {
root /opt/ImpresaCloud/proxy_html/;
}
}
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
