Woimira kasitomala wathu, yemwe ntchito yake imakhala mumtambo wa Microsoft (Azure), adathana ndi vuto: posachedwa, zopempha zina kuchokera kwa makasitomala ena ochokera ku Europe zidayamba kutha ndi cholakwika 400.). Mapulogalamu onse amalembedwa mu .NET, atumizidwa ku Kubernetes...
Chimodzi mwazogwiritsa ntchito ndi API, momwe magalimoto onse amabwera. Magalimoto awa amamvedwa ndi seva ya HTTP , yokonzedwa ndi kasitomala wa .NET ndikusungidwa mu pod. Ndi kukonza zolakwika, tinali ndi mwayi chifukwa panali wogwiritsa ntchito wina yemwe adatulutsanso vutolo. Komabe, zonse zinali zovuta chifukwa cha kuchuluka kwa magalimoto:
Cholakwika mu Ingress chinkawoneka chonchi:
{
"number_fields":{
"status":400,
"request_time":0.001,
"bytes_sent":465,
"upstream_response_time":0,
"upstream_retries":0,
"bytes_received":2328
},
"stream":"stdout",
"string_fields":{
"ingress":"app",
"protocol":"HTTP/1.1",
"request_id":"f9ab8540407208a119463975afda90bc",
"path":"/api/sign-in",
"nginx_upstream_status":"400",
"service":"app",
"namespace":"production",
"location":"/front",
"scheme":"https",
"method":"POST",
"nginx_upstream_response_time":"0.000",
"nginx_upstream_bytes_received":"120",
"vhost":"api.app.example.com",
"host":"api.app.example.com",
"user":"",
"address":"83.41.81.250",
"nginx_upstream_addr":"10.240.0.110:80",
"referrer":"https://api.app.example.com/auth/login?long_encrypted_header",
"service_port":"http",
"user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
"time":"2019-03-06T18:29:16+00:00",
"content_kind":"cache-headers-not-present",
"request_query":""
},
"timestamp":"2019-03-06 18:29:16",
"labels":{
"app":"nginx",
"pod-template-generation":"6",
"controller-revision-hash":"1682636041"
},
"namespace":"kube-nginx-ingress",
"nsec":6726612,
"source":"kubernetes",
"host":"k8s-node-55555-0",
"pod_name":"nginx-v2hcb",
"container_name":"nginx",
"boolean_fields":{}
}Pa nthawi yomweyo, Kestrel anapereka:
HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0Ngakhale ndi verbosity yayikulu, cholakwika cha Kestrel chinalipo kwambiri zambiri zothandiza:
{
"number_fields":{"ThreadId":76},
"stream":"stdout",
"string_fields":{
"EventId":"{"Id"=>17, "Name"=>"ConnectionBadRequest"}",
"SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
"ConnectionId":"0HLL2VJSST5KV",
"@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
"@t":"2019-03-07T13:06:48.1449083Z",
"@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
"message":"Malformed request: invalid headers."
},
"timestamp":"2019-03-07 13:06:48",
"labels":{
"pod-template-hash":"2368795483",
"service":"app"
},
"namespace":"production",
"nsec":145341848,
"source":"kubernetes",
"host":"k8s-node-55555-1",
"pod_name":"app-67bdcf98d7-mhktx",
"container_name":"app",
"boolean_fields":{}
}Zingawoneke kuti tcpdump yokha ndi yomwe ingathandize kuthetsa vutoli ...
Kufufuza
Mwachiwonekere, ndi bwino kumvera magalimoto pa node yeniyeniyo, kumene Kubernetes watumiza pod: kuchuluka kwa kutaya kudzakhala kotero kuti n'zotheka kupeza osachepera chinachake mofulumira kwambiri. Ndipo ndithudi, pochifufuza, chimango chotsatirachi chinadziwika:
GET /back/user HTTP/1.1
Host: api.app.example.com
X-Request-ID: 27ceb14972da8c21a8f92904b3eff1e5
X-Real-IP: 83.41.81.250
X-Forwarded-For: 83.41.81.250
X-Forwarded-Host: api.app.example.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Original-URI: /front/back/user
X-Scheme: https
X-Original-Forwarded-For: 83.41.81.250
X-Nginx-Geo-Client-Country: Spain
X-Nginx-Geo-Client-City: M.laga
Accept-Encoding: gzip
CF-IPCountry: ES
CF-RAY: 4b345cfd1c4ac691-MAD
CF-Visitor: {"scheme":"https"}
pragma: no-cache
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
referer: https://app.example.com/auth/login
accept-language: en-US,en;q=0.9,en-GB;q=0.8,pl;q=0.7
cookie: many_encrypted_cookies; .AspNetCore.Identity.Application=something_encrypted;
CF-Connecting-IP: 83.41.81.250
True-Client-IP: 83.41.81.250
CDN-Loop: cloudflare
HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0
Atayang'anitsitsa bwino malo otayirapo, mawuwo adadziwika M.laga. Ndizosavuta kuganiza kuti kulibe mzinda wa M.laga ku Spain (koma ulipo ). Potengera lingaliro ili, tidayang'ana ma Ingress configs, pomwe tidawona omwe adayikidwa mwezi watha (pa pempho la kasitomala) "zopanda vuto" mawu pang'ono:
ingress.kubernetes.io/configuration-snippet: |
proxy_set_header X-Nginx-Geo-Client-Country $geoip_country_name;
proxy_set_header X-Nginx-Geo-Client-City $geoip_city;Pambuyo poletsa kutumiza kwa mitu iyi, zonse zidakhala bwino! (Posakhalitsa zidadziwika kuti pulogalamuyo sikufunikanso mitu iyi.)
Tsopano tiyeni tione vuto zambiri zambiri. Itha kupangidwanso mosavuta mkati mwa pulogalamuyi popanga pempho la telnet localhost:80:
GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=Desiree
... amabwerera 401 Unauthorized, monga kuyembekezera. Chimachitika ndi chiyani tikachita:
GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=DΓ©sirΓ©e?
Adzabweranso 400 Bad request - mu chipika cholembera tidzalandira cholakwika chomwe timachidziwa kale:
{
"@t":"2019-03-31T12:59:54.3746446Z",
"@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
"@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
"ConnectionId":"0HLLLR1J974L9",
"message":"Malformed request: invalid headers.",
"EventId":{
"Id":17,
"Name":"ConnectionBadRequest"
},
"SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
"ThreadId":71
}Zotsatira
Makamaka Kestrel konzani bwino mitu ya HTTP yokhala ndi zilembo zolondola mu UTF-8, zomwe zili m'maina amizinda yambiri.
Chinthu chinanso mwa ife ndikuti kasitomala sakukonzekera kusintha kukhazikitsidwa kwa Kestrel muzogwiritsira ntchito. Komabe, nkhani mu AspNetCore palokha (, ) amati izi sizingathandize...
Mwachidule: cholembacho sichimakhudzanso mavuto enieni a Kestrel kapena UTF-8 (mu 2019?!), Koma ponena za kuti kulingalira ndi kuphunzira kosalekeza Chilichonse chomwe mungatenge posakasaka mavuto chidzabala zipatso posachedwa. Zabwino zonse!
PS
Werenganinso pa blog yathu:
- Β«";
- Β«";
- Β«";
- Β«";
- Β«".
Source: www.habr.com