Blog

Fixing nginx "Too many open files" errors

Posted on 2018-03-25 by jwage


At OpenSky, we recently migrated to the InstartLogic CDN. One of the features they provide is the ability to resize images by appending ?iresize=width:500,height:500 to your image URLs.

This feature allowed us to start serving static files directly through nginx instead of going through our application to generate the requested size. Now, InstartLogic does all the resizing work for us and our backend PHP servers are relieved of this responsibility.

This was a nice win for us but it introduced a slight new problem. Nginx started complaining about “Too many open files”. This was easily fixed for us by setting the worker_rlimit_nofile setting in the nginx.conf file to 30000.

worker_rlimit_nofile 30000;

After this change our backend PHP servers have a lighter load and the first request for an image through the CDN is much faster.

Forcing HTTPS for all traffic with F5 iRules

Posted on 2018-03-25 by jwage


If you want to force all traffic to HTTPS you can do so pretty easily by adding a F5 iRule to the HTTP VIP.

when HTTP_REQUEST {
    HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}

You should have two virtual servers configured in the F5, one for HTTP and one for HTTPS. By adding the redirect iRule to the HTTP virtual server it will only be executed for traffic that comes in without HTTPS. This means the iRule code above does not need any kind of conditional to check what the protocol is and only redirect when it is not HTTPS.

If you wanted to wrap some other conditional around the redirect, say you don’t want to redirect one particular section of your site, you can do this:

when HTTP_REQUEST {
    if { not ([string tolower [HTTP::path]] starts_with "/non-secure-section") } {
        HTTP::redirect "https://[HTTP::host][HTTP::uri]"
    }
}

2014 Vacation Books

Posted on 2018-03-25 by jwage