Hi there
I have an instance on ec2 acting as a load balancer for 4 apache2 servers.
The instance is ubuntu precise with nginx 1.2.3
The instance has 4 computing units and 3.75 GB memory
Everything is working ok, except I get random 503 for some images.
I have a page that loads about 20 images. They never all load: each time a random few fail, and not the same ones every time.
Any help is appreciated.
nginx.conf:
# Process-level settings for the nginx load balancer.
# Worker processes run under the www-data account rather than root.
user www-data;
# NOTE(review): 8 workers on an instance described above as having 4 compute
# units; confirm against the actual core count.
worker_processes 8;
pid /var/run/nginx.pid;
# Connection-processing limits applied to each worker process.
events {
# Upper bound on simultaneous connections per worker. A proxied request uses
# one connection to the client and one to the backend, so both count here.
worker_connections 4096;
# multi_accept on;
}
# Main HTTP context: transport tuning, TLS defaults inherited by the server
# blocks, logging, gzip, and the includes that pull in the virtual hosts.
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# NOTE(review): server_tokens stays at its default (on) while the line below is
# commented out, so the nginx version is disclosed in the Server header and on
# error pages.
# server_tokens off;
server_names_hash_bucket_size 64;
map_hash_bucket_size 128;
# server_name_in_redirect off;
### override default ssl settings ###
ssl_session_timeout 10m;
# Disables TLS session reuse towards the https upstream, so each new backend
# connection performs a full handshake.
proxy_ssl_session_reuse off;
ssl_session_cache shared:SSL:16m;
# NOTE(review): SSLv3 is obsolete and has protocol-level weaknesses (POODLE).
# It should be dropped in favour of TLS only, adding TLSv1.1/TLSv1.2 where the
# linked OpenSSL supports them.
ssl_protocols SSLv3 TLSv1;
# NOTE(review): this list starts from ALL and removes only anonymous, kEDH, MD5
# and EXPORT56 suites. The "+LOW", "+SSLv3" and "+EXP" entries only reorder, so
# low-strength, export-grade and RC4 suites remain eligible. The commented
# "HIGH:!aNULL:!MD5:!kEDH" line below is a far tighter starting point.
ssl_ciphers ALL:!ADH:!kEDH:!aNULL:!MD5:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#ssl_ciphers HIGH:!aNULL:!MD5:!kEDH;
#ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:RC4 RSA: HIGH;
# The server's cipher order wins over the client's, so the ordering of the
# ssl_ciphers list above decides what gets negotiated.
ssl_prefer_server_ciphers on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
# error_log is where nginx records upstream failures (refused connection,
# timeout, invalid header), which makes it the first place to correlate
# intermittent errors.
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
# NOTE(review): anything in conf.d/*.conf is loaded as well and is not shown
# in this post; it may define further servers or limits.
include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*;
include /etc/nginx/cw.conf;
}
cw.conf:
# Plain-HTTP backend pool used by the port-80 server block.
# NOTE(review): traffic to these servers is unencrypted; whether this hop
# crosses an untrusted network cannot be told from the post.
upstream cwbackend {
# Pins each client to a backend by client IP address.
ip_hash;
server cwweb1.domain.com:80;
server cwweb2.domain.com:80;
server cwweb3.domain.com:80;
server cwweb4.domain.com:80;
# Keeps up to 16 idle backend connections cached per worker process.
keepalive 16;
}
# HTTPS backend pool used by the port-443 server block.
# NOTE(review): no upstream certificate verification is configured anywhere in
# this post, and nginx of this generation presumably has none to offer. TLS on
# this hop therefore encrypts but does not authenticate the backend - confirm
# for the deployed version.
upstream cwsecure {
# Pins each client to a backend by client IP address.
ip_hash;
server cwweb1.domain.com:443;
server cwweb2.domain.com:443;
server cwweb3.domain.com:443;
server cwweb4.domain.com:443;
# Keeps up to 16 idle backend connections cached per worker process.
keepalive 16;
}
# Plain-HTTP front end: proxies everything for cw1.domain.com to cwbackend.
server {
listen 80;
server_name cw1.domain.com;
# Request bodies larger than 30 MB are rejected by nginx before reaching a backend.
client_max_body_size 30M;
location / {
# HTTP/1.1 plus an empty Connection header (below) are what allow the
# upstream keepalive pool to be used.
proxy_http_version 1.1;
# needed to forward user's IP address to rails
# X-Real-IP is set from the TCP peer address, replacing any value the client sent.
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection "";
# Appends the peer address to whatever X-Forwarded-For the client supplied.
# Backends should trust only the last entry, since earlier ones are
# client-controlled.
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# NOTE(review): the client's Host header is forwarded unchanged. If this is the
# only server on port 80 it is also the default server, so arbitrary Host
# values reach the backends - confirm the application does not build links or
# redirects from it.
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
# A request is retried on the next backend after a connection error, timeout,
# invalid header or HTTP 500. http_503 is not listed, so a 503 generated by a
# backend is returned to the client as-is.
# NOTE(review): the retry is not limited to idempotent methods here, so a POST
# can be replayed against a second backend.
proxy_next_upstream error timeout invalid_header http_500;
proxy_connect_timeout 30;
proxy_read_timeout 360;
proxy_pass http://cwbackend;
} #end location
} #end server
# HTTPS front end: terminates TLS for cw1.domain.com and re-encrypts to cwsecure.
# Protocol and cipher settings are not set here; they come from the http-level
# ssl_* directives in nginx.conf.
server {
listen 443;
ssl on;
ssl_certificate /usr/local/src/certs-2011-2014/sslchain.crt;
# NOTE(review): the private key lives under /usr/local/src; verify that it is
# readable only by root.
ssl_certificate_key /usr/local/src/certs-2011-2014/domain.com.key;
server_name cw1.domain.com;
# Request bodies larger than 30 MB are rejected by nginx before reaching a backend.
client_max_body_size 30M;
location / {
proxy_http_version 1.1;
# needed to forward user's IP address to rails
# X-Real-IP is set from the TCP peer address, replacing any value the client sent.
proxy_set_header X-Real-IP $remote_addr;
# needed for HTTPS
# Both headers are set to fixed values, so a client cannot spoof them.
proxy_set_header X-FORWARDED-PROTO https;
proxy_set_header X-FORWARDED-SSL on;
# NOTE(review): unlike the port-80 block, X-Forwarded-For is not set here, so
# any value sent by the client is passed through unmodified. Backends should
# rely on X-Real-IP for this vhost.
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Connection "";
proxy_redirect off;
proxy_max_temp_file_size 0;
# Responses are streamed to the client as they arrive rather than buffered.
proxy_buffering off;
# No proxy_next_upstream is set in this block, so retry behaviour falls back
# to the nginx default instead of the list used on port 80.
proxy_connect_timeout 30;
proxy_read_timeout 360;
proxy_pass https://cwsecure;
} #end location
} #end server
backend apache2.conf:
# Global Apache configuration on each backend: timeouts, MPM sizing, run-as
# identity, log formats and the includes that load modules and sites.
LockFile ${APACHE_LOCK_DIR}/accept.lock
PidFile ${APACHE_PID_FILE}
# NOTE(review): a 2-second I/O timeout is very short for a server sitting
# behind a proxy that waits up to 360 s. Worth ruling out when chasing the
# intermittent errors - check the backend error log.
Timeout 2
KeepAlive On
MaxKeepAliveRequests 100
# Idle keep-alive connections, including those held open by the nginx
# keepalive pool, are closed after 15 seconds.
KeepAliveTimeout 15
# Only the block matching the MPM actually loaded takes effect.
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 256
# Each child process is recycled after serving 100 requests.
MaxRequestsPerChild 100
</IfModule>
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 200
MaxRequestsPerChild 0
</IfModule>
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# The run-as user and group come from environment variables defined outside this file.
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
AccessFileName .htaccess
# Blocks HTTP access to .htaccess/.htpasswd-style files.
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
DefaultType None
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
# NOTE(review): the enabled modules and their settings (including any SSL
# protocol/cipher configuration) are loaded from here and are not shown.
Include mods-enabled/*.load
Include mods-enabled/*.conf
Include httpd.conf
Include ports.conf
# NOTE(review): %h logs the connecting peer. Behind the nginx balancer that is
# presumably the balancer's address, not the end user's, unless a module maps
# X-Real-IP/X-Forwarded-For back to the client - confirm, since it affects
# incident investigation.
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
Include conf.d/
Include sites-enabled/
backend site config file:
# HTTPS virtual host on a backend (cwweb1), reached through the nginx
# "cwsecure" upstream. Only the :443 vhost is shown in the post.
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin webmaster@domain.com
ServerName cwweb1.domain.com
# NOTE(review): no SSLProtocol/SSLCipherSuite is set here, so the accepted
# protocols and ciphers come from configuration not shown in the post.
SSLEngine On
SSLCertificateFile /usr/local/src/domain.com.crt
# NOTE(review): the private key is kept under /usr/local/src; verify that it
# is readable only by root.
SSLCertificateKeyFile /usr/local/src/domain.com.key
SSLCertificateChainFile /usr/local/src/intermediate.crt
DocumentRoot /data/www
DirectoryIndex default.php index.php
# NOTE(review): the filesystem root has no access restriction in this block.
# The usual hardening is to deny at / and allow only the directories that are
# meant to be served.
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
# NOTE(review): "Indexes" produces a directory listing for any directory that
# lacks one of the DirectoryIndex files; drop it unless listings are intended.
<Directory /data/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
# CGI execution is enabled for /cgi-bin/ and open to all clients.
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
# NOTE(review): ServerSignature On adds the server name and version to
# generated error pages; Off avoids that disclosure.
ServerSignature On
# /doc/ is limited to loopback addresses. Requests relayed by the nginx
# balancer arrive from the balancer's address and are therefore denied.
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>