thespad
commented
1 year ago I've just run a bunch of tests locally with the latest image and the page load times are all in the 400-600ms range.
Closed r2ixuz closed 1 year ago
thespad
commented
1 year ago I've just run a bunch of tests locally with the latest image and the page load times are all in the 400-600ms range.
r2ixuz
commented
1 year ago I don't know. All I can say is that with the latest Apache version 10 days ago everything was fast as expected.
I tried to find where the NGINX config loads up the FastCGI stuff but I could only find a defaults config. Where should I find the config in the container when "docker exec -it" into it?
r2ixuz
commented
1 year ago Hmm, seems to be loaded correctly but still it is like FastCGI is not used:
root@smokeping:/root# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
include /config/nginx/nginx.conf;
# configuration file /config/nginx/nginx.conf:
## Version 2022/08/16 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/nginx.conf.sample
### Based on alpine defaults
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.conf?h=3.15-stable
user abc;
# Set number of worker processes automatically based on number of CPU cores.
include /config/nginx/worker_processes.conf;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
# Configures default error logger.
error_log /config/log/nginx/error.log;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
# Include files with config snippets into the root context.
include /etc/nginx/conf.d/*.conf;
events {
# The maximum number of simultaneous connections that can be opened by
# a worker process.
worker_connections 1024;
}
http {
# Includes mapping of file name extensions to MIME types of responses
# and defines the default type.
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Name servers used to resolve names of upstream servers into addresses.
# It's also needed when using tcpsocket and udpsocket in Lua modules.
#resolver 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001;
include /config/nginx/resolver.conf;
# Don't tell nginx version to the clients. Default is 'on'.
server_tokens off;
# Specifies the maximum accepted body size of a client request, as
# indicated by the request header Content-Length. If the stated content
# length is greater than this size, then the client receives the HTTP
# error code 413. Set to 0 to disable. Default is '1m'.
client_max_body_size 0;
# Sendfile copies data between one FD and other from within the kernel,
# which is more efficient than read() + write(). Default is off.
sendfile on;
# Causes nginx to attempt to send its HTTP response head in one packet,
# instead of using partial frames. Default is 'off'.
tcp_nopush on;
# all ssl related config moved to ssl.conf
include /config/nginx/ssl.conf;
# Enable gzipping of responses.
#gzip on;
# Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
gzip_vary on;
# Helper variable for proxying websockets.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# Sets the path, format, and configuration for a buffered log write.
access_log /config/log/nginx/access.log;
# Includes virtual hosts configs.
include /etc/nginx/http.d/*.conf;
include /config/nginx/site-confs/*.conf;
}
daemon off;
pid /run/nginx.pid;
# configuration file /config/nginx/worker_processes.conf:
# This file is auto-generated only on first start, based on the cpu cores detected. Feel free to change it to any other number or to auto to let nginx handle it automatically.
worker_processes 12;
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /config/nginx/resolver.conf:
# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.
resolver 8.8.8.8 9.9.9.11 valid=30s;
# configuration file /config/nginx/ssl.conf:
## Version 2022/08/20 - Changelog: https://github.com/linuxserver/docker-baseimage-alpine-nginx/commits/master/root/defaults/nginx/ssl.conf.sample
### Mozilla Recommendations
# generated 2022-08-05, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
ssl_dhparam /config/nginx/dhparams.pem;
# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
#add_header Strict-Transport-Security "max-age=63072000" always;
# OCSP stapling
#ssl_stapling on;
#ssl_stapling_verify on;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
#ssl_trusted_certificate /config/keys/cert.crt;
# Optional additional headers
#add_header Cache-Control "no-transform" always;
#add_header Content-Security-Policy "upgrade-insecure-requests; frame-ancestors 'self'";
#add_header Permissions-Policy "interest-cohort=()";
#add_header Referrer-Policy "same-origin" always;
#add_header X-Content-Type-Options "nosniff" always;
#add_header X-Frame-Options "SAMEORIGIN" always;
#add_header X-UA-Compatible "IE=Edge" always;
#add_header X-XSS-Protection "1; mode=block" always;
# configuration file /config/nginx/site-confs/default.conf:
## Version 2022/10/04 - Changelog: https://github.com/linuxserver/docker-smokeping/commits/master/root/defaults/nginx/site-confs/default.conf.sample
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
location / {
return 301 http://$http_host/smokeping/smokeping.cgi;
}
location = /smokeping/smokeping.cgi {
fastcgi_intercept_errors on;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param SCRIPT_FILENAME /usr/share/webapps/smokeping/smokeping.cgi;
fastcgi_pass unix:/run/fcgiwrap.sock;
}
location ^~ /smokeping/ {
root /usr/share/webapps;
index smokeping.cgi;
gzip off;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
deny all;
}
}Here is my compose file. Maybe it is not working because the port redirect to 11111 ?
version: '2'
services:
smokeping:
image: linuxserver/smokeping:latest
container_name: smokeping
environment:
- TZ=Europe/Berlin
- PUID=1024
- PGID=100
ports:
- "11111:80"
hostname: smokeping
restart: unless-stopped
volumes:
- /var/lib/docker/bindmounts/smokeping/config:/config
- /var/lib/docker/bindmounts/smokeping/data:/data
- /var/lib/docker/bindmounts/smokeping/resolv.conf:/etc/resolv.conf
- /var/lib/docker/bindmounts/smokeping/bin/ookla-speedtest/speedtest:/usr/bin/speedtest
- /var/lib/docker/bindmounts/smokeping/bin/ookla-speedtest/probe/speedtestcli.pm:/usr/share/perl5/vendor_perl/Smokeping/probes/speedtestcli.pm
networks:
vodafone_public_ipv6:
ipv6_address: ${ADDR1}
networks:
vodafone_public_ipv6:
external:
name: vodafone_public_ipv6Changing the port shouldn't cause an issue, but you can check the browser console for anything that's failing to load, for example.
I wouldn't overwrite resolv.conf as you're screwing with docker's DNS handling, but again that shouldn't inherently break anything.
I've not tested with ipv6 either so I don't know if there's potentially something at work there as well.
r2ixuz
commented
1 year ago There are no errors visible in the browser console. Tested with Chrome and Firefox latest stable releas on macOS.
Resolv.conf is not and never was a problem. But you are right, you need to know what you are doing here. ;-)
IPv6 is no problem here as the NGINX/Apache is only via IPv4 LAN internally accessible. The IPv6 connectivity is only needed for measuring external targets via Smokeping.
Here are for comparison the page load times.
NGINX (new Docker image):
Apache (old Docker image):
go626201
commented
1 year ago I can confirm similar issue also happens on my docker instance. (After updating to the nginx version)
thespad
commented
1 year ago Please provide the templated support information rather than just "me too"ing as it doesn't help us to narrow down the cause.
github-actions[bot]
commented
1 year ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
r2ixuz
commented
1 year ago I tested again with the latest release and a clean config. Even with that load times are around 1 second. So it is definitively a wrong configuration on your side.
You stated that you made local test and got around 600ms response time. Depending on your hardware and network even this value is way too high if FastCGI would work as intended.
Why was the switch to NGINX made? Can we just got back to Apache please?
thespad
commented
1 year ago The change to nginx was because Smokeping is the only one of our ~30 webserver-based images using Apache, and that makes it a big admin overhead because it's a completely different configuration to everything else.
Unfortunately I don't have the time at the moment to properly dig into the latency with nginx/fcgi and find a proper solution so I'm going to roll back the image to use Apache in the meantime.
Is there an existing issue for this?
Current Behavior
Every click takes severals seconds to load a page.
Expected Behavior
After the first initial use of the Smokeping website every further click should load in ms instead of seconds.
Steps To Reproduce
Use the latest new NGINX docker image release.
Environment
CPU architecture
x86-64
Docker creation
Container logs