[ckan-dev] SSL SYSCALL Error

Karen Turner karen at catalyst.net.nz
Wed Sep 19 22:45:11 UTC 2018


We  used similar values.  But we hosted the database ourselves on a
ubuntu box.

I've not done it on Azure.

It did fix the issue for us.  The stackoverflow question matched our
issue with it being a statefull firewall that causing the issue.

So doing the keepalive meant that the firewall did not drop the
connection.  The firewall would drop the connection with out notifying
either end that the socket was closing.

Cheers
  Karen

On 20/09/18 06:50, Biz Tweets wrote:
> So i set the following values in my postgresql.conf file and it didnt
> work when i forced a disconnect. I was still getting the SSL SysCall
> error after 5 minutes.
> 
> tcp_keepalives_idle=300
> tcp_keepalives_interval=30
> tcp_keepalives_count=60
> 
> My postgres server is hosted on Azure.
> 
> 
> On Wed, Sep 19, 2018 at 9:44 AM Biz Tweets <optweets at gmail.com
> <mailto:optweets at gmail.com>> wrote:
> 
>     Where and what settings did you set for postgres keep alive?
> 
>     I found this reference but I want to just confirm since you got it
>     working.
> 
>     https://stackoverflow.com/questions/6592137/sqlalchemy-fails-to-connect-to-db-after-server-is-idle-for-a-few-hours
> 
>     On Tue, Sep 18, 2018 at 4:51 PM Karen Turner <karen at catalyst.net.nz
>     <mailto:karen at catalyst.net.nz>> wrote:
> 
>         Hi
> 
>         I've had this issue when the firewall between ckan and Postgres
>         would
>         drop inactive connections.  Looks like the way SQL Alchemy is used
>         doesn't retry.
> 
>         The work around I used was to change the Postgres configuration
>         to use
>         keep alives.
> 
>         Karen
> 
>         On 19/09/18 02:44, Ross Jones wrote:
>         > I think it's probably https://github.com/ckan/ckan/issues/3415
>         >
>         > If you search the mailing list I think this has come up
>         before. I work
>         > around it with pgbouncer but I think there was a thread with an
>         > alternative solution. 
>         >
>         > Ross
>         >
>         >
>         >
>         >



More information about the ckan-dev mailing list