incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon Eisenmann <si...@struktur.de>
Subject CouchDB pull replication from HTTPS does not recover after disconnect (hangs)
Date Wed, 10 Mar 2010 16:53:29 GMT
Hi,

have several CouchDB instances replicating through untrusted network
space. Thus these instances are behind a Nginx SSL-Proxy. Everything
works fine though when for whatever reason one of the connection breaks
then this pull replication never recovers. Even restarting the
replication job does not have any effect despite not giving an error.
Also in Futon the replication jobs are still reported as running (they
never go away).

I just have set up a local test environment with just two nodes
replicating to each other. One of the nodes is behind Nginx with SSL,
and the other is directly reachable unencrypted. When restarting the
unencrypted instance the pull replication on the other Couch recovers
like a charm and and things are in sync quickly again. Not so when i
restart the instance behind HTTPS. This replication never results in any
action again until the instance doing the pull replication is restarted.

After a couple bit of debugging i found that it seems like the _changes
feed is never again requested from the just restarted instance. As soon
as i restart the instance i get the following entry in the Nginx log:

10.1.1.201 - - [10/Mar/2010:17:40:50 +0100]
"GET /database_1/_changes?style=all_docs&heartbeat=10000&since=3135&feed=continuous
HTTP/1.1" 200 408 "-" "CouchDB/0.10.1"

This means the long running connection has just finished (this was the
former working replication request). Afterwards i would suspect the
Couch to start up such a request again, though this never happens.

I am using CouchDB 0.10.1 on Ubuntu 9.10 64bit with Nginx 0.7.62. 

Any help or ideas are highly appreciated
Simon



The nginx confiuration looks like so:

# -----------
server {
listen   8444;

ssl on;
ssl_certificate  cert.pem;
ssl_certificate_key  cert.key;

ssl_session_timeout  5m;

ssl_protocols  SSLv2 SSLv3 TLSv1;
ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers   on;
server_name somehost1;

proxy_buffering off;

access_log      /var/log/nginx/couchssl-access.log;

location / {

        proxy_pass http://127.0.0.1:5984;
        proxy_redirect default;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

}
# -----------


-- 
Simon Eisenmann

[ mailto:simon@struktur.de ]

[ struktur AG | Kronenstra├če 22a | D-70173 Stuttgart ]
[ T. +49.711.896656.68 | F.+49.711.89665610 ]
[ http://www.struktur.de | mailto:info@struktur.de ]

Mime
View raw message