Nginx reverse proxy to apigee: upstream prematurely closed connection

Not applicable

I have setup a nginx instance that proxies requests to our apigee instance. We need to do this because Apigee does not provide a way to make https requests directly to Apigee as it cannot verify our SSL certs.

Now, this nginx proxy works fine for most requests. But for requests with large responses, it intermittently fails. The nginx error

2015/01/30 11:37:46 [error] 10404#0: *3953 upstream prematurely closed connection while reading upstream, client: 172.31.40.204, server: apitest.zendrive.com, request: "GET /v1/driver/vishal-2@zendrive.com/trip/1422149911713?apikey=ANnyTq9U0Xu6cOorxwI3xkFEtWvohb7j&fields=info,score,events,simple_path,speed_profile HTTP/1.1", upstream: "https://107.23.127.90:443/v1/driver/vishal-2@zendrive.com/trip/1422149911713?apikey=ANnyTq9U0Xu6cOor...", host: "apitest.zendrive.com"

The nginx proxy config has

server {

listen 80;

server_name apitest.zendrive.com;

location / {

proxy_pass https://zendrive-prod.apigee.net;

proxy_buffering on;

error_log /var/log/nginx/apitest.log debug;

proxy_read_timeout 300s;

proxy_connect_timeout 300s;

proxy_buffer_size 4k;

proxy_buffers 256 4k;

proxy_temp_file_write_size 16k;

proxy_temp_path /mnt/data1/nginx/proxy_temp 1 2;

}

}

To reproduce this - the following request fails frequently.

$ curl -v "https://apitest.zendrive.com/v1/driver/vishal-2@zendrive.com/trip/1422149911713?apikey=ANnyTq9U0Xu6c..." -o /tmp/out

The nginx debug logs for this request does not indicate the cause.

2015/01/30 11:37:46 [debug] 10404#0: *3953 pipe write downstream done

2015/01/30 11:37:46 [debug] 10404#0: *3953 event timer: 36, old: 1422618166237, new: 1422618166395

2015/01/30 11:37:46 [debug] 10404#0: *3953 http upstream exit: 0000000000000000

2015/01/30 11:37:46 [error] 10404#0: *3953 upstream prematurely closed connection while reading upstream, client: 172.31.40.204, server: apitest.zendrive.com, request: "GET /v1/driver/vishal-2@zendrive.com/trip/1422149911713?apikey=ANnyTq9U0Xu6cOorxwI3xkFEtWvohb7j&fields=info,score,events,simple_path,speed_profile HTTP/1.1", upstream: "https://107.23.127.90:443/v1/driver/vishal-2@zendrive.com/trip/1422149911713?apikey=ANnyTq9U0Xu6cOor...", host: "apitest.zendrive.com"

2015/01/30 11:37:46 [debug] 10404#0: *3953 finalize http upstream request: 502

2015/01/30 11:37:46 [debug] 10404#0: *3953 finalize http proxy request

How can I resolve this?

I don't see any issue when downloading directly from zendrive-prod.apigee.net

0 3 4,383
3 REPLIES 3

Not applicable

Hi Chandan,

I have been unable to reproduce the issue using the curl call provided above. Could you confirm if you are still seeing the problem?

Arun

Not applicable

So, I narrowed down the problem to this. The errors go away if I use http:// in my proxy_pass directive.

So, I see more than 50% of large responses fail for

location / {

proxy_pass https://zendrive-prod.apigee.net;

}

But no errors for

location / {

proxy_pass http://zendrive-prod.apigee.net;

}

@akumar This is why you did not see the problem. I will set it up again so that you can see this.

So, it looks like a problem in SSL interaction between apigee and nginix. I am using nginx 1.6.2

Not applicable

@Chandan Shanbhag I have a scenario where my apigee is running on box A and nginx is running on box B , please provide a nginx server conf which i can use so that ll request routed to apigee for a proxy on port 9001 go through nginx .

why i am doing this :I need to do a little url rewrite in nginx for input URL.