bug:Problems that may be caused by session cache and keepalive_reques #7237
Comments
|
@hahayyum Have you tried a newer APISIX version? |
|
@tokers There are still problems with version 2.12, and there is no relevant modification records in the changelog. I think the problem may still exist. I prefer to clarify the reasons and then make changes. Because it has been applied to the online environment, it is not very convenient to upgrade. |
|
@hahayyum OK, could you give the reproduce steps (including the route, upstream, and other core objects), so that we can reproduce it on our local? |
|
curl http://apisix-admin.1-default-ns.svc.cluster.local:9180/apisix/admin/ssl/11111 -X PUT -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -d ' curl http://apisix-admin.1-default-ns.svc.cluster.local:9180/apisix/admin/routes/testapisix -X PUT -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -d ' Certificates, keys, and upstream can be constructed casually, as long as they can be accessed using HTTPS. We use Java okhttp to establish an HTTP1.1 connection for access /test. We use k8s apiserver as the back-end service, and we can also use other |
|
@hahayyum I'm not sure if this problem is related to the issue you given. @tzssangglass Could you take a look? Thanks! |
tzssangglass
added
checking
hi @hahayyum, it looks like the fix for your problem is not due to #6906.
The difference between these two logs is: apisix/conf/config-default.yaml Line 223 in 4581627 It looks like some reason led to the selection of another node. |
|
@tzssangglass Maybe cross upstream connection pool? |
|
@tokers @tzssangglass I modified it according to the fix of #6906, and found that the problem was solved after a simple test, but further testing is needed. guess: after verification: so: |
cc @spacewander PTAL |
|
The #6906 fixes a bug about the TLS session reuse. Maybe it is relative to your problem. |
|
This issue has been marked as stale due to 350 days of inactivity. It will be closed in 2 weeks if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the [email protected] list. Thank you for your contributions. |
|
This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time. |
Current Behavior
The route is accessed using https. When there are more than 100 requests in a long
connection, an exception occurs after the connection is reset.
keepalive_request default value is 100
When the number of requests is within 100, it is correct, the log information is as
follows:
10.23.34.11 - - [11/Jun/2022:18:29:23 +0000] 192.168.249.2:6443 "GET /test HTTP/1.1" 200
315 0.015 "-" "Java Client" 192.168.244.3:443 200 0.004 "https://192.168.249.2:6443"
When the number of requests exceeds 100, it is an error, and the log information is as
follows:
10.23.34.11 - - [11/Jun/2022:18:29:23 +0000] 192.168.249.2:6443 "GET /test HTTP/1.1" 200
315 0.015 "-" "Java Client" 192.168.244.5:8080 200 0.004 "http://192.168.249.2:6443"
Analysis summary:
The phenomenon of the log is: the https request is still coming in, but other routes are matched and resolved to http. After checking, the "ctx" context is nil
guess:
Connection reset occurs when the 100 request cap is triggered, then due to session cache or connection reset bug
Expected Behavior
When the upper limit of 100 requests is reached, the connection can be reset normally and the request can be normal
Error Logs
see description above
Steps to Reproduce
see description above
Environment
The text was updated successfully, but these errors were encountered: