unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help
 help / color / mirror / code / Atom feed
From: Eric Wong <e@80x24.org>
To: Michael Bernstein <michael.bernstein@clicksign.com>
Cc: unicorn-public@yhbt.net,
	Daniel Libanori <daniel.libanori@clicksign.com>,
	Luiz Ferreira <luiz.ferreira@clicksign.com>
Subject: Re: Connection issues between nginx and unicorn
Date: Tue, 18 Aug 2020 18:06:11 +0000	[thread overview]
Message-ID: <20200818180611.GA18977@dcvr> (raw)
In-Reply-To: <CANgN-T4PPJL=G4SKH7DeaFq_ep9ROYaSXfXimMh32xpRqvyf0w@mail.gmail.com>

Michael Bernstein <michael.bernstein@clicksign.com> wrote:
> Hello,
> We are having a lot of connection issues between nginx and unicorn,
> but we don't know exactly where is the issue. Can somebody help us?

Sure, replies in line...

> Exemple from our nginx logs:
> [error] 6#6: *4269348 connect() failed (111: Connection refused) while
> connecting to upstream, client:, server: _, request: "POST
> /api/v1/documents?access_token=....
> [error] 6#6: *4269169 recv() failed (104: Connection reset by peer)
> while reading response header from upstream, client:,
> server: _, request: "GET /api/v1/documents/.....
> [error] 6#6: *4268896 upstream timed out (110: Operation timed out)
> while connecting to upstream, client:, server: _, request:
> "GET /accounts/.... HTTP/1.1", upstream:
> "", host: "app.clicksign.com",
> referrer: "https://app.clicksign.com/..."

Did any connections ever work?

> ############
> Unicorn configuration file:
> # frozen_string_literal: true
> listen 8080

OK, so that means it's listening to all IP addresses on TCP port 8080;
no problem here.

If you use curl to hit 8080 on the host(s) unicorn is running,
it should work.

> worker_processes 4
> timeout 60
> preload_app true
> GC.respond_to?(:copy_on_write_friendly=) &&
>   (GC.copy_on_write_friendly = true)

Off-topic, GC.copy_on_write_friendly is the default in Ruby 2.0+;
(and IIRC it wasn't in any official Ruby release, just the
Phusion "Enterprise Edition")


> ############
> nginx configuration file:
> proxy_cache_path /var/cache/nginx/ levels=1:2 keys_zone=assets_cache:10m
>                  max_size=1g inactive=60m use_temp_path=off;
> resolver kube-dns.kube-system.svc.cluster.local valid=5s;
> upstream backend {
>   server unicorn;

Is "unicorn" an entry in your DNS (via search path) or
an entry in /etc/hosts file?

There's also no reference to port 8080 anywhere in your nginx
config, so I don't know how nginx is supposed to know that
unicorn is on port 8080.

I would expect to see something like:

    server unicorn.internal.example.com:8080;

Or if on the same host:


> }
> server {
>   server_name _;


>   location ~* ^/(fonts|webfonts|assets|packs) {
>     proxy_redirect off;
>     proxy_cache assets_cache;
>     proxy_cache_valid 120m;
>     proxy_pass http://backend;
>     add_header Cache-Control public;
>     if ($http_origin ~
> '^((https*?:\/\/).*?((\.clicksign)\.(com|me|dev)))($|\/.*$)$' ){
>       add_header Access-Control-Allow-Origin $http_origin;
>     }
>     expires max;
>   }
>   location / {
>     proxy_pass http://backend;
>     proxy_redirect off;
>     proxy_read_timeout 60;
>     proxy_set_header Host $http_host;
>   }

No references to port 8080 in either location block, either.

I don't think you need 8080 in location block if you have them
in the "upstream backend" block; it's been a while since I've
used nginx... But you need 8080 (and the correct IP address or
DNS entry) somewhere.

  reply	other threads:[~2020-08-18 18:06 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-18 15:15 Connection issues between nginx and unicorn Michael Bernstein
2020-08-18 18:06 ` Eric Wong [this message]
2020-08-22  1:27   ` Eric Wong

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

  List information: https://yhbt.net/unicorn/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200818180611.GA18977@dcvr \
    --to=e@80x24.org \
    --cc=daniel.libanori@clicksign.com \
    --cc=luiz.ferreira@clicksign.com \
    --cc=michael.bernstein@clicksign.com \
    --cc=unicorn-public@yhbt.net \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).