ProHoster > Π‘Π»ΠΎΠ³ > administratio > De vita cum Kubernetibus: Quomodo HTTP ministrator Hispanis non favet

De vita cum Kubernetibus: Quomodo HTTP ministrator Hispanis non favet

De vita cum Kubernetibus: Quomodo HTTP ministrator Hispanis non favet

Repraesentativum clientis nostri, cuius application ACERVUS in nube Microsoft (Azure residet) quaestionem proposuit: Nuper quaedam petitiones clientium ex Europa aliquarum 400 errore finire coeperunt.Postulatum malum). Omnes applicationes in .NET scriptae sunt, in Kubernetes explicaverunt...

Una applicationum est API, per quam omnia negotiatio tandem venit. Hoc negotiationis audiatur ab HTTP servo Falcoconfiguratum per .NET clientem et hosted in vasculum. Cum debugging, fortunati sumus eo sensu quod usor specificus erat qui quaestionem constanter expressit. Sed omnia per catenam negotiationis perplexa sunt;

De vita cum Kubernetibus: Quomodo HTTP ministrator Hispanis non favet

Error in Ingress vidi sic: 

{
   "number_fields":{
      "status":400,
      "request_time":0.001,
      "bytes_sent":465,
      "upstream_response_time":0,
      "upstream_retries":0,
      "bytes_received":2328
   },
   "stream":"stdout",
   "string_fields":{
      "ingress":"app",
      "protocol":"HTTP/1.1",
      "request_id":"f9ab8540407208a119463975afda90bc",
      "path":"/api/sign-in",
      "nginx_upstream_status":"400",
      "service":"app",
      "namespace":"production",
      "location":"/front",
      "scheme":"https",
      "method":"POST",
      "nginx_upstream_response_time":"0.000",
      "nginx_upstream_bytes_received":"120",
      "vhost":"api.app.example.com",
      "host":"api.app.example.com",
      "user":"",
      "address":"83.41.81.250",
      "nginx_upstream_addr":"10.240.0.110:80",
      "referrer":"https://api.app.example.com/auth/login?long_encrypted_header",
      "service_port":"http",
      "user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
      "time":"2019-03-06T18:29:16+00:00",
      "content_kind":"cache-headers-not-present",
      "request_query":""
   },
   "timestamp":"2019-03-06 18:29:16",
   "labels":{
      "app":"nginx",
      "pod-template-generation":"6",
      "controller-revision-hash":"1682636041"
   },
   "namespace":"kube-nginx-ingress",
   "nsec":6726612,
   "source":"kubernetes",
   "host":"k8s-node-55555-0",
   "pod_name":"nginx-v2hcb",
   "container_name":"nginx",
   "boolean_fields":{}
}

Eodem tempore Kestrel dedit;

HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0

Etiam cum maxima verbositate, Kestrel error maxime continebat parum utilis notitia:

{
   "number_fields":{"ThreadId":76},
   "stream":"stdout",
   "string_fields":{
      "EventId":"{"Id"=>17, "Name"=>"ConnectionBadRequest"}",
      "SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
      "ConnectionId":"0HLL2VJSST5KV",
      "@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
      "@t":"2019-03-07T13:06:48.1449083Z",
      "@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
      "message":"Malformed request: invalid headers."
   },
   "timestamp":"2019-03-07 13:06:48",
   "labels":{
      "pod-template-hash":"2368795483",
      "service":"app"
   },
   "namespace":"production",
   "nsec":145341848,
   "source":"kubernetes",
   "host":"k8s-node-55555-1",
   "pod_name":"app-67bdcf98d7-mhktx",
   "container_name":"app",
   "boolean_fields":{}
}

Videtur quod solum tcpdump hoc problema solvendum iuvabit... sed repetam de catena negotiationis:

De vita cum Kubernetibus: Quomodo HTTP ministrator Hispanis non favet

Inquisitionis

Patet, melius est audire negotiationem eo specifica nodiubi Kubernetes vasculum explicavit: talis erit volubilis TUBER, ut aliquid saltem satis cito reperire potuerit. Et quidem, cum illud exploraremus, animadversa est haec tabula;

GET /back/user HTTP/1.1
Host: api.app.example.com
X-Request-ID: 27ceb14972da8c21a8f92904b3eff1e5
X-Real-IP: 83.41.81.250
X-Forwarded-For: 83.41.81.250
X-Forwarded-Host: api.app.example.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Original-URI: /front/back/user
X-Scheme: https
X-Original-Forwarded-For: 83.41.81.250
X-Nginx-Geo-Client-Country: Spain
X-Nginx-Geo-Client-City: M.laga
Accept-Encoding: gzip
CF-IPCountry: ES
CF-RAY: 4b345cfd1c4ac691-MAD
CF-Visitor: {"scheme":"https"}
pragma: no-cache
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
referer: https://app.example.com/auth/login
accept-language: en-US,en;q=0.9,en-GB;q=0.8,pl;q=0.7
cookie: many_encrypted_cookies; .AspNetCore.Identity.Application=something_encrypted; 
CF-Connecting-IP: 83.41.81.250
True-Client-IP: 83.41.81.250
CDN-Loop: cloudflare

HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0

In propius inspectione TUBER, verbum animadversum est M.laga. Facile est suspicari M.laga nullam esse in Hispania urbem (sed est MΓ‘laga). Hanc notionem arripientes, configs Ingress inspeximus, ubi unum mensem ante (per huius rogationem) unum inserendum vidimus. "innocens" PRAECISIO:

    ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header X-Nginx-Geo-Client-Country $geoip_country_name;
      proxy_set_header X-Nginx-Geo-Client-City $geoip_city;

Cum transmissiones horum capitis frangit, omnia denique facta sunt! (Mox mox apparuit, applicationem ipsam his capitibus non amplius egere.

Nunc videamus quaestionem magis plerumque. Facile in applicatione exprimi potest petitionem telnet faciendo localhost:80: 

GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=Desiree

... redit 401 Unauthorized, as expected. Quid accidit, si agimus;

GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=DΓ©sirΓ©e

?

Revertar 400 Bad request β€” in schedula applicationis errorem accipiemus, qui nobis iam familiaris est;

{
   "@t":"2019-03-31T12:59:54.3746446Z",
   "@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
   "@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
   "ConnectionId":"0HLLLR1J974L9",
   "message":"Malformed request: invalid headers.",
   "EventId":{
      "Id":17,
      "Name":"ConnectionBadRequest"
   },
   "SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
   "ThreadId":71
}

results

Speciatim Kestrel potes recte processum HTTP capitis cum characteribus rectis in UTF-8, quae nominibus in magno numero civitatum continentur.

Additamentum in causa nostra est quod cliens in applicatione Kestrel exsecutionem mutare non nunc in animo habet. Tamen in ipsa AspNetCore exit (β„–4318, β„–7707) dicunt hoc non prodesse.

Summatim: nota non iam de quaestionibus specificis Kestrel vel UTF-8 (anno 2019?!), sed de facto quod mentem et constantem studium Singulos gradus quos tuleris dum quaestiones quaerendo citius aut serius fructum feret. Bene vale!

PS

Lege etiam in nostro diario:

Source: www.habr.com