C
CrowdSec3w ago
Dimitar

Openresty bouncer disconnects from CrowdSec

Hi team, need support hence joining the channel here, need to admit this is my fist post here... Our setup: We are using the drop-in replacement of Nginx Proxy Manager (lepresidente/nginxproxymanager) runnign in Docker of course, CrowdSec is also running in Docker. The problem: Since approximately two weeks, we started noticing our openresty bouncers (remediation components) were reported as inactive in the console. We noticed the attached error messages in the CrowdSec container logs. The bouncers are configured in Stream mode, since Live mode was too heavy on the servers. Here's a quick snip on the issue: time="2025-08-06T18:14:44Z" level=info msg="172.18.0.6 - [Wed, 06 Aug 2025 18:14:44 UTC] "GET /v1/decisions/stream?startup=true HTTP/1.1 500 3.001639492s "crowdsec-openresty-bouncer/v1.1.0" "" time="2025-08-06T18:14:54Z" level=warning msg="QueryAllDecisionsWithFilters : context canceled" time="2025-08-06T18:14:54Z" level=error msg="failed querying decisions: get all decisions with filters: unable to query" After few attempts, the bouncer stops trying. Checking via "cscli bouncer list" does not show recent API pull. We attempted removing and reconfiguring the CrowdSec container on few servers, the result: - on some the issue appeared to be resolved initially, after few hours the issue reappears - on other the issue cannot be fixed with reinstall/reconfigure We have other engines/bouncers with the same setup that are not licensed. We cannot see the issue thre, the setup is identical. Looking for some assistance please.

message.txt

13 Replies
CrowdSec
CrowdSec3w ago
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type /unresolve
© Created By WhyAydan for CrowdSec ❤️
CrowdSec
CrowdSec3w ago
Resolving Openresty bouncer disconnects from CrowdSec This has now been resolved. If you think this is a mistake please run /unresolve Unresolving Openresty bouncer disconnects from CrowdSec This has now been unresolved.
Dimitar
DimitarOP3w ago
Forgot to mention we are on the latest version as follows: 4a995986dbca:/# crowdsec --version version: v1.6.11-d64ee2ae Codename: alphaga BuildDate: 2025-07-23_13:26:59 GoVersion: 1.24.5 Platform: docker libre2: C++ User-Agent: crowdsec/v1.6.11-d64ee2ae-docker Constraint_parser: >= 1.0, <= 3.0 Constraint_scenario: >= 1.0, <= 3.0 Constraint_api: v1 Constraint_acquis: >= 1.0, < 2.0 Built-in optional components: datasource_appsec, datasource_cloudwatch, datasource_docker, datasource_file, datasource_http, datasource_journalctl, datasource_k8s-audit, datasource_kafka, datasource_kinesis, datasource_loki, datasource_s3, datasource_syslog, datasource_victorialogs, datasource_wineventlog Excluded components: cscli_setup Just tested Live vs Stream mode on the bouncer, Live appears to be working just fine, Stream mode is the one that is problematic up! no one with ideas?
iiamloz
iiamloz3w ago
If you are enterprise then there enterprise support via console chat window, we dont know on discord if you are enterprise. The Lepresidente image is now no longer recieving updates as Lepresidente doesnt use it anymore and doesnt have time to maintain the image, so you may want to look into other alternatives like NPMPlus. It seems it may be any issue with a timeout, how many decisions do you have?
Dimitar
DimitarOP3w ago
Thanks for the response, we are licensed yes, will reach out over the chat in the console. I now see Lepresidente released new version 23 days ago, maybe the source of the issue... I cannot see anywhere statement that the image is not maintained, I guess you are righ... bummer Decisions vary per server, two examples just checked, one has zero, second has 20-ish decisions The funny part is that it looks like only the licensed servers are impacted...
No description
No description
iiamloz
iiamloz3w ago
The funny part is that it looks like only the licensed servers are impacted...
Most likely its because they get the full blocklists and its currently over 70k decisions
Dimitar
DimitarOP3w ago
The folks over the console chat helped already, the bouncer config has a setting which by default is REQUEST_TIMEOUT=3000 (3 sec), they advised me to bump it to REQUEST_TIMEOUT=10000; 5 out of 12 bouncers are working now... looks like this is the cure
iiamloz
iiamloz3w ago
that was me 😄 I was speaking in two places, glad it resolved, dont forget to checkout the chunk decisions
Dimitar
DimitarOP3w ago
Thank you sir!!! 😍 chund decisions? not sure what this is...
iiamloz
iiamloz3w ago
https://docs.crowdsec.net/docs/next/configuration/feature_flags/#list-of-available-feature-flags
Feature Flags | CrowdSec
In order to make it easier for users to test and experiment with new features, CrowdSec uses the concept of "feature flags".
iiamloz
iiamloz3w ago
chunked_decisions_stream: Enable chunked decisions stream. Useful when you have a lot of remediation pulling from the same local API, as it reduces the memory consumption related to decision fetch.
chunked_decisions_stream: Enable chunked decisions stream. Useful when you have a lot of remediation pulling from the same local API, as it reduces the memory consumption related to decision fetch.
Dimitar
DimitarOP3w ago
both implemented successfully, thanks for the assistance once again
CrowdSec
CrowdSec3w ago
Resolving Openresty bouncer disconnects from CrowdSec This has now been resolved. If you think this is a mistake please run /unresolve

Did you find this page helpful?