Performance issues with nginx proxy

Tags: #<Tag:0x00007f6182ab7580> #<Tag:0x00007f6182ab74b8>
  • Platform information:
    • Hardware: Raspnerry Pi 2
    • OS: CentOS 7
    • Java Runtime Environment: zulu latest
    • openHAB version: 2.3.0

Hi,
i have some performance issues with nginx in front of openhab 2. The load time from openhab without nginx is round about a second but if i open the webinterface over nginx there is a very high load time from more than 5 seconds before the webinterface is accessable…

The nginx is running on a separate server and used as proxy for multiple applications. No one of the other apps (e. g. Ubiquiti Unifi Controller, also a Java application) behind this proxy has these issues, so i have no idea what’s causing the problems with openhab…

Has anyone noticed similar behavior?

Could we see your nginx configuration? I’m assuming it’s similar to the one suggested.

Yes, vhost server block is the same as mentioned in the docs with (i think so :slight_smile: ) not necessary differents:

  • use nginx upstrean instead of direct proxy pass

upstream backend {
server 1.2.3.4:8443;
}

server {
listen 80;
server_name myserver.example.com;

return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;
server_name myserver.example.com;

location / {
    proxy_pass https://backend;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

ssl_certificate /etc/pki/tls/certs/mycert;
ssl_certificate_key /etc/pki/tls/private/mykey;

}

  • strict ssl settings

ssl_ciphers ‘ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA’;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2;
ssl_session_cache shared:SSL:10m;

  • some heades

add_header Strict-Transport-Security “nginx_hsts_max_age=63072000; includeSubDomains”;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection “1; mode=block”;

  • and basic gzip compression setting in nginx.conf

I’m not sure unfortunately.

What is taking the largest amount of time when you look at the performance metrics (inside chrome or firefox) and refreshing the page?

I can’t say at the moment but will have a look at home :slight_smile:

Ok, i found the “issue”… so what i figured out:

browser — https —> nginx — https —> openhab

endless slow… chrome says 5s

browser — https —> nginx — http —> openhab

works good, < 1s

browser — https —> openhab

works good, < 1s

I have no idea whats going on and why nginx with ssl passthrough to openhab is so slow… Any suggestions?

@Benjy can you reproduce this behaviour? Should we open an issue for this?

I won’t be able to for a couple of days, but will try and let you know what I find soon.

@Benjy any news? Otherwise i can also open an issue.