search

NeusoftSecurity / SEnginx

Security-Enhanced nginx by Neusoft corporation.
www.senginx.org
BSD 2-Clause "Simplified" License
182 stars 68 forks source link

query: In SEnginx what is the default state for the 'persistence' extension #16

Closed peterbowey closed 10 years ago

peterbowey commented 10 years ago

@InfoHunter

Is it possible / correct to use persistence off; or perhaps persistence ""; ?

The Wiki at http://www.senginx.org/en/index.php/HTTP_Persistence does not advise on it's default state.

Syntax persistence mode [cookie_name=name] [monitor_cookie=name] [timeout=timeout]

Question is: "how does one disable 'persistence' for a given 'server' or 'location' need?

I ask this as I note it shows up in SEnginx debug logs - for upstream locations that have no 'persistence' setting.

See abbreviated log below:

2014/05/08 16:37:24 [debug] 55770#0: *3 init keepalive peer
2014/05/08 16:37:24 [debug] 55770#0: *3 init least conn peer
2014/05/08 16:37:24 [debug] 55770#0: *3 get keepalive peer
2014/05/08 16:37:24 [debug] 55770#0: *3 get least conn peer, try: 3
2014/05/08 16:37:24 [debug] 55770#0: *3 persistence get not set

2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 get least conn peer, many
2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 get least_conn peer, check_index: 18446744073709551615
2014/05/08 16:37:24 [debug] 55770#0: *3 persistence set not set

Notes: Why do my 3 Unix sockets upstream proxy's all use the same ID (18446744073709551615)?

InfoHunter commented 10 years ago

@peterbowey

There is no "off" parameter for "persistence" directive. If you don't want to enable persistence in an upstream, you can only remove or comment out the "persistence" line in your config file. If you do so, you can find some logs like what you pasted above - persistence "get" not set and "set" not set. That means in this upstream, persistence functionality is not enabled.

The check_index has nothing to do with persistence module, it's only valid when you enable the "health check" feature in SEnginx. So just ignore them. I migrated this "health check" feature from tengine. : )

peterbowey commented 10 years ago

@InfoHunter

Thanks Paul, the above seems to 'agree' with Tengine's and Nginx's PLUS model and use (too).

I was just 'concerned' over the 'small' over-head of the 'get' + 'set'....