Why does nginx crash after a few minutes?

F

fufar2017-07-17 14:57:40

Nginx

fufar, 2017-07-17 14:57:40

I broke my head, I can’t find the reason
. There is Centos 7, nginx (currently 1.12.1, but I tried older versions as well)
In fact, this nginx only proxies requests to the container with radicale and gives the file
After restarting the server, the first minute or two everything works fine - Nginx gives files, information is written to the logs, etc.
After 2, about 2 minutes, nginx stops responding, no telnet, no wget, no one will reach out, nothing gets into the logs.
If you beat / restart / reload nginx, then nothing changes, if you restart the server, then it works for a couple of minutes.
What could be?
nginx.conf config

user  nginx;
worker_processes  auto;

#error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include /etc/nginx/mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout 70;

    gzip  on;

#    include /etc/nginx/conf.d/default.conf;
    include /etc/nginx/vhosts/radicale-forwarding.conf;


}

config radicale-forwarding.conf

server {
    #ssl only
    listen 22443 ssl;
    
    server_name адрес;

    ssl                     on;
    ssl_protocols           SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    
    ssl_certificate         /etc/nginx/cert/имясертификата.crt;
    ssl_certificate_key     /etc/nginx/cert/имяключа.key;
    ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
    
    access_log /var/log/nginx/contacts.access.log;
    error_log /var/log/nginx/contacts.error.log;



    location / {
        #deny all;
        #rewrite ^ /file/ break;
    }
        
    # addressbook endpoint
    location /file.vcf {
        proxy_pass http://ip:5232;
    }
        
    }

Firewalls are off

[[email protected] ~]# systemctl status iptables 
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

[[email protected] ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

port available

[[email protected] ~]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22443           0.0.0.0:*               LISTEN      24751/nginx: master

Reply

Answer the question

In order to leave comments, you need to log in

[[+comments_count]] answer(s)

F

fufar, 2017-07-28
@fufar

the problem disappeared, what is the reason for this - xs

K

kolu4iy, 2017-07-27
@kolu4iy

The backlog gets clogged: for some reason, the nginx input queue is not being cleared. Try to set a timeout, and look at the radicale logs - does anything reach it at all, and if so - does it respond ...
PS I would also dig into SELinux - how is it there, without us ... By default, nginx profiles if he has appeared, then your ports are definitely not in them. Dig there too - selinux writes logs.