Opened 3 years ago
Closed 3 years ago
#2098 closed defect (invalid)
nginx is actively requesting VIP access, which causes mariadb to receive a large number of error logs
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | documentation | Version: | 1.19.x |
| Keywords: | Cc: | ||
| uname -a: | Linux app 4.4.219-1.el7.elrepo.x86_64 #1 SMP Sun Apr 12 16:13:06 EDT 2020 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.14.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf--error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' |
||
Description
Hello, my nginx configuration is as follows:
stream {
log_format tcp_json escape=json '{'
'"time_local":"$time_local",'
'"remote_addr":"$remote_addr",'
'"protocol ":"$protocol ",'
'"status": "$status",'
'"bytes_sent":"$bytes_sent",'
'"bytes_received":"$bytes_received",'
'"session_time":"$session_time",'
'"upstream_addr":"$upstream_addr",'
'"upstream_session_time":"$upstream_session_time",'
'"upstream_bytes_sent": "$upstream_bytes_sent",'
'"upstream_bytes_received": "$upstream_bytes_received",'
'"upstream_connect_time": "$upstream_connect_time"'
'}';
access_log /var/log/nginx/tcp-access.log tcp_json buffer=32k flush=5s;
upstream mariadb {
server 192.168.1.151:3306 weight=1;
server 192.168.1.152:3306 weight=1 backup;
server 192.168.1.153:3306 weight=1 backup;
}
server {
listen 3306;
proxy_pass mariadb;
proxy_timeout 40m;
}
}
The corresponding nginx log is as follows:
{"time_local":"20/Nov/2020:17:03:14 +0800","remote_addr":"192.168.1.100","protocol ":"TCP ","status": "200","bytes_sent":"0","bytes_received":"0","session_time":"0.000","upstream_addr":"192.168.1.151:3306","upstream_session_time":"0.000","upstream_bytes_sent": "0","upstream_bytes_received": "0","upstream_connect_time": "0.000"}
{"time_local":"20/Nov/2020:17:03:44 +0800","remote_addr":"192.168.1.100","protocol ":"TCP ","status": "200","bytes_sent":"0","bytes_received":"0","session_time":"0.000","upstream_addr":"192.168.1.151:3306","upstream_session_time":"0.000","upstream_bytes_sent": "0","upstream_bytes_received": "0","upstream_connect_time": "0.000"}
192.168.1.100 is the IP address of the nginx host. Checking nginx, it feels that nginx is actively requesting VIP access, which causes mariadb to receive a large number of error logs.
Hope to get your feedback, thank you.
The stream module does not request anything, but rather proxies connections to the server configured. That is, it simply passes anything it got from the client to the upstream server, and vice versa. If you observe some incorrect behaviour like "actively requesting VIP access", this is likely something your clients do, not nginx. If you think this might be related to your nginx configuration, consider using support options available.