来自 AWS 经典负载均衡器的虚假 504
Spurious 504s from AWS classic load balancer
我在 AWS Elastic Beanstalk 上有一个 REST API 运行,大部分时间都运行良好。但是,每隔几个小时,它就会在单个请求上返回 504,从而打嗝。这是 AWS 弹性负载均衡器(经典)日志:
2018-03-04T21:07:00.151327Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57324 - -1 -1 -1 504 0 2497 0 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1
这是登录上下文:
2018-03-04T21:07:54.884768Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57339 xxx.xxx.xxx.85:80 0.000041 0.134478 0.000084 200 200 2672 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1
2018-03-04T21:07:55.935722Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57342 xxx.xxx.xxx.85:80 0.000067 0.107369 0.000075 200 200 5538 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1
2018-03-04T21:07:56.633812Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:33815 xxx.xxx.xxx.85:80 0.000041 0.149562 0.000079 200 200 332 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
2018-03-04T21:07:00.151327Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57324 - -1 -1 -1 504 0 2497 0 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1
2018-03-04T21:08:00.521384Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:45505 xxx.xxx.xxx.85:80 0.000037 0.172259 0.000072 200 200 334 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
2018-03-04T21:08:02.896099Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:55647 xxx.xxx.xxx.112:80 0.000041 0.166058 0.000064 200 200 334 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
2018-03-04T21:08:08.914958Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:10771 xxx.xxx.xxx.85:80 0.000046 0.173661 0.000091 200 200 341 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
```
实际 ec2 实例的日志中没有报告相关的健康损失。
它似乎在重建底层 ec2 实例后消失了几天。
罪魁祸首是我的 .ebextensions 目录中的错误代理配置,特别是 proxy_connect_timeout、proxy_send_timeout 和 proxy_read_timeout:
的值过高
files:
"/etc/nginx/conf.d/proxy.conf" :
mode: "000644"
owner: root
group: root
content: |
client_max_body_size 500m;
proxy_buffers 8 16k;
proxy_buffer_size 32k;
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 4;
gzip_static on;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
我最初设置这些是为了允许大量上传,但这是错误的。删除设置并重新部署非常有效。
我在 AWS Elastic Beanstalk 上有一个 REST API 运行,大部分时间都运行良好。但是,每隔几个小时,它就会在单个请求上返回 504,从而打嗝。这是 AWS 弹性负载均衡器(经典)日志:
2018-03-04T21:07:00.151327Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57324 - -1 -1 -1 504 0 2497 0 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1
这是登录上下文:
2018-03-04T21:07:54.884768Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57339 xxx.xxx.xxx.85:80 0.000041 0.134478 0.000084 200 200 2672 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1 2018-03-04T21:07:55.935722Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57342 xxx.xxx.xxx.85:80 0.000067 0.107369 0.000075 200 200 5538 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1 2018-03-04T21:07:56.633812Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:33815 xxx.xxx.xxx.85:80 0.000041 0.149562 0.000079 200 200 332 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 2018-03-04T21:07:00.151327Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.216:57324 - -1 -1 -1 504 0 2497 0 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-SHA TLSv1 2018-03-04T21:08:00.521384Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:45505 xxx.xxx.xxx.85:80 0.000037 0.172259 0.000072 200 200 334 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 2018-03-04T21:08:02.896099Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:55647 xxx.xxx.xxx.112:80 0.000041 0.166058 0.000064 200 200 334 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 2018-03-04T21:08:08.914958Z awseb-e-x-AWSEBLoa-abc123 xxx.xxx.xxx.226:10771 xxx.xxx.xxx.85:80 0.000046 0.173661 0.000091 200 200 341 93 "POST https://my.api.com:443/v1/data/add HTTP/1.1" "-" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ```
实际 ec2 实例的日志中没有报告相关的健康损失。
它似乎在重建底层 ec2 实例后消失了几天。
罪魁祸首是我的 .ebextensions 目录中的错误代理配置,特别是 proxy_connect_timeout、proxy_send_timeout 和 proxy_read_timeout:
files:
"/etc/nginx/conf.d/proxy.conf" :
mode: "000644"
owner: root
group: root
content: |
client_max_body_size 500m;
proxy_buffers 8 16k;
proxy_buffer_size 32k;
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 4;
gzip_static on;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
我最初设置这些是为了允许大量上传,但这是错误的。删除设置并重新部署非常有效。