一. 前言

NGINX 反向代理 后端接口时报错:[error] ...: *1918 readv() failed (104: Connection reset by peer) while reading upstream ...

控制台报错信息

NGINX错误日志

二. 解决办法

参考文章 http://blog.51yip.com/apachenginx/2203.html

查看nginx error错误,发现上传接口报以下错:

2019/10/10 19:58:25 [error] 299784#0: \*5967188 readv() failed (104: Connection reset by peer) while reading upstream, client: 59.34.155.7, server: xxxxxxxx, request: "POST /stream/tracking/file HTTP/1.1", upstream: "http://xxxxxxxx/stream/tracking/file", host: "xxxxxxxx"

这种错误日志不多,第一感觉就是上传文件过大,传输时间过长,然后连接被中断。

当使用nginx作为反向代理时,为了支持长连接,需要做到两点:

从client到nginx的连接是长连接,对于客户端来说,nginx长连接是默认开启的。 从nginx到server的连接是长连接,需要自己开启

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
upstream bigdata {  
server 10.0.20.xx:18018;
server 10.0.20.xx:18018;
server 10.0.20.xx:18018;
server 10.0.20.xx:18018;
keepalive 100; //根据qps来调整
}

location ~ / {
。。。。。。。。。省略。。。。。。。。。。。。。
proxy_connect_timeout 120; //加大120
proxy_send_timeout 120; //加大120
proxy_read_timeout 120; //加大120
proxy_http_version 1.1; //开启后端,长连接
proxy_set_header Connection ""; //开启后端,长连接
}

注意:keepalive指定的数值是Nginx每个worker连接后端的最大长连接数,而不是整个Nginx的.

作者:海底苍鹰

地址:http://blog.51yip.com/apachenginx/2203.html

三. 个人配置记录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
$ cat cpen.top.conf
server {
listen xxx ssl;

server_name xxx.xxx;

location / {
proxy_pass http://127.0.0.1:xxx;
proxy_connect_timeout 120; # 加大120
proxy_send_timeout 120; # 加大120
proxy_read_timeout 120; # 加大120
proxy_http_version 1.1; # 开启后端,长连接
proxy_set_header Connection ""; # 开启后端,长连接
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
}

ssl_certificate /usr/local/nginx/ssl/xxx.pem;
ssl_certificate_key /usr/local/nginx/ssl/xxx.key;

access_log /data/service_logs/nginx/xxx.log misc;
error_log /data/service_logs/nginx/xxx.log;
}