Comments (7)
Thanks for your advice!
I figured it out that I truly need is to close any_proxy
when err happens in accepting
I don't know why there are so many new connections. Probably my wrong configurations in iptables
create a "self-loop". It happens rarely so restarting is good to me. Thank you again for your time!
from go-any-proxy.
In your case, how many file descriptors are open when they become exhausted? Also, what is your load profile? How many connections per second does any_proxy see? What type of hardware are you running it on (number of CPUs, memory)?
from go-any-proxy.
Sorry I didn't monitor that information like reqs/sec.
I tried to monitor /porc/{any_proxy_pid}/fd
. But once fds are suddenly exhausted, I cannot even run ls /porc/{any_proxy_pid}/fd
so it is hard to track #fd, which is why I hope any_proxy
could prevent this happening.
I have run ulimit -n 65535
before running any_proxy
.
I run it on a single-core x64 CPU with 512 MB memory. The any_proxy
repeatedly logs the following lines when it runs at 100% CPU:
2020/02/06 00:32:05 any_proxy.go:360: : INFO : Error accepting connection: accept tcp [::]:3140: accept4: too many open files
2020/02/06 00:32:05 any_proxy.go:360: : INFO : Error accepting connection: accept tcp [::]:3140: accept4: too many open files
from go-any-proxy.
any_proxy (really the kernel) is denying connections and instead logging that it couldn't accept an incoming connection because it was out of resources.
A single core with half a gig of memory isn't very much, especially if the machine is seeing any type of load. You could try increasing the number of available file descriptors with ulimit -n 250000
, but I think that is going to just cause more problems. Each incoming connection needs memory (I can't remember how much off the top of my head though).
When I originally wrote any_proxy, I load tested it on a very big machine, like 72 cores and 100 GB of memory, and was able to get to 10k req/sec. Could you try adding more cores and memory to the machine and try again?
from go-any-proxy.
Yep, It did deny new connections. I think I should change the title to better express my problem. My bad.
Once it used up all fds, the os becomes "inoperable" because other processors like ssh cannot start new connections. If it could restart itself to release all connections instead of eating up all CPU to retry the "accept"(some buggy clients may keep many long TCP connections), at least the server can be operatable.
from go-any-proxy.
I forked and implemented this feature. My implementation will track all connections, and release the oldest ones if there are too many.
If you are interested in this I can submit a pull request.
from go-any-proxy.
The normal way this is handled in the unix world is by limiting incoming connections via the ulimit -n
command. In your case, on a small server (1 CPU, 0.5GB of memory), I would recommend keeping the ulimit for file-max
at the default of 1024. I suspect that will make it stable (assuming just a few clients are connecting to it).
That said, if your fork works for your use case, great. I'm not sure that the any_proxy community would really benefit from such an approach though. It is designed for high load and running on large machines. There are some fortune 100 companies that have been pushing 10k/req through it for years with no issues. Some of them are running it on 16 core VMs with 16GB of memory.
from go-any-proxy.
Related Issues (20)
- Log go version on startup
- Investigate TCP connection repair for HA
- Wrong logic for eth interface in init.d debian script
- Rules engine based on DNS
- I have written a tproxy listener socket, can you add this function to your proxy? HOT 1
- Panic invalid memory address nil pointer de reference HOT 3
- Disconnects from proxy server HOT 4
- MPTCP (Multipath TCP) support/testing HOT 3
- i installed any_proxy ,failed,how to fix it? HOT 2
- Can go-any-proxy Do This? HOT 3
- reverseLookupCache.hostnames need lock HOT 4
- Proxy HTTP requests HOT 2
- Failed to proxy HOT 10
- Installation instructions fail on impish HOT 4
- Use any-proxy as SMTP/IMAP forwarder HOT 1
- CONNECT always results in: HTTP/1.1 403 URLBlocked HOT 4
- TESTING: close clientConn at various times
- Rules based on SSL certificate HOT 6
- Change net.Dial to net.DialTCP HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-any-proxy.