Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

infinite timeout for reverse proxy in Apache

I am running tornado behind apache. I have created proxy server.

ProxyRequests On
ProxyPass /chat/ http://localhost:8888/chat/

This code works great and pass all my requests to tornado and returns the response back to client.

Now, I am using tornado for long polling. Some of the requests which finishes in a short interval of time say less than 1 minute this reverse proxy works fine. But certain long polling requests this gives 502 proxy error. The reason for this proxy error is that Apache can hold long polling request for just one minute(by default). It closes the request and hence proxy error is received.

Now, I modified the directive to

ProxyRequests On
ProxyPass /chat/ http://localhost:8888/chat/ timeout=12000

i.e I changed the default timeout to 12000 seconds.

This is currently working fine for me. Bu this is not the best solution to the issue. Ideally long polling requests can exceed any timeout specified. So my questions are

  1. How to make the timeout infinite ? i.e the request is never closed by Apache.
  2. Please also comment: whether the performance of tornado is degraded by going through Apache as proxy server?
like image 511
Kunal Singh Avatar asked Jun 06 '13 12:06

Kunal Singh


1 Answers

I experienced a similar issue with Nginx and solved it the same way as you did. But I changed the timeout to 1 day as it was sufficiently large in my case.

I think you cannot do away with this. The rationale behind this is that Apache (or any proxy server for that matter) has to maintain its performance, which it clearly can't if it has to hold stale or inactive connections. You'd rather let your proxy server proxy more active connections than inactive connections.

Therefore, there is no way to turn off the ProxyTimeout in Apache or even in Nginx (configured using proxy_read_timeout). So if your proxied server is not sending any response within the timeout, then either your application server is taking too long to respond or there is something wrong with your application server or the client is not request for any response. In the first case, you can make safe estimates to set an appropriate timeout. In the second case, you need to fix your application server. And in the third case, you must gracefully handle the situation on the client and reconnect if required.

Coming to your second question, there shouldn't be any difference other than the latency involved between your Apache and your Tornado server. You can very well expose your Tornado server directly to the world but that will come with a few challenges: 1. More ops work - make sure that Tornado process is always up and running. 2. Proxying and load balancing will become more difficult. 3. Worse security as YOU have written that code instead of thousands of expert contributors. So you should not be thinking of running this server as root every. But you can still sort of safely do the same with Apache or Nginx.

Of course the above problems are solvable, but why solve an already solved problem. :)

like image 186
vaidik Avatar answered Oct 13 '22 08:10

vaidik