Haproxy 1.5 504 Encomendas Duplicadas Verificação de Woocommerce

1

Meu balanceador de carga HAProxy 1.5 ocasionalmente recebe erro 504 de um dos nós de back-end. O erro 504 é específico apenas para o Woocommerce / checkout. O terminal / checkout chama o gateway de pagamento no lado do servidor e o Woocommerce captura o status de pagamento e redireciona o usuário para a página de agradecimento.

No administrador do Woocommerce, há pedidos duplicados do mesmo cliente. Eu estou suspeitando que poderia ser o tempo limite de um nó e passando a solicitação para o próximo nó enquanto a transação ainda está pendente no primeiro nó.

Aqui está um exemplo de um erro 504. Parece que há um período de espera de 8 minutos (16:51 - 16:43).

Apr  1 16:43:47 LB1 haproxy[31955]: 115.66.152.19:28289 [01/Apr/2017:16:43:00.738] www-http m-backend/node2 46183/0/0/191/46374 200 1538 - - ---- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Apr  1 16:52:05 LB1 haproxy[31955]: 115.66.152.19:11502 [01/Apr/2017:16:52:05.984] www-http m-backend/node2 0/0/0/5/5 200 202 - - ---- 3/3/1/1/0 0/0 {http://<clientDomain>/checkout/} "GET /favicon.ico HTTP/1.1"
Apr  1 16:52:09 LB1 haproxy[31955]: 115.66.152.19:43861 [01/Apr/2017:16:51:09.123] www-http m-backend/node1 0/0/1/-1/60002 504 195 - - sH-- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"

Outro exemplo:

Mar 31 13:05:04 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.157] www-http m-backend/node2 0/0/1/142/143 200 1364 - - ---- 4/4/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Mar 31 13:06:18 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.301] www-http m-backend/node1 14684/0/0/-1/74685 504 195 - - sH-- 0/0/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"

Dois pares de pedidos duplicados:

mysql> select * from wp_posts where ID in (468,469,470,471);
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
| ID  | post_author | post_date           | post_date_gmt       | post_content | post_title                              | post_excerpt | post_status   | comment_status | ping_status | post_password       | post_name                   | to_ping | pinged | post_modified       | post_modified_gmt   | post_content_filtered | post_parent | guid                                                                | menu_order | post_type      | post_mime_type | comment_count |
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
| 468 |           X | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 |              | Order &ndash; March 31, 2017 @ 09:09 PM |              | wc-processing | open           | closed      | order_58de5501aeffb | order-mar-31-2017-0109-pm   |         |        | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 |                       |           0 | http://<clientDomain>/?post_type=shop_order&#038;p=468 |          0 | shop_order |                |             2  |
| 469 |           X | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 |              | Order &ndash; March 31, 2017 @ 09:10 PM |              | wc-processing | open           | closed      | order_58de5527335c1 | order-mar-31-2017-0109-pm-2 |         |        | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 |                       |           0 | http://<clientDomain>/?post_type=shop_order&#038;p=469 |          0 | shop_order |                |             2  |
| 470 |           X | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 |              | Order &ndash; April 2, 2017 @ 12:55 AM  |              | wc-processing | open           | closed      | order_58dfdb75c2b0a | order-apr-01-2017-0455-pm   |         |        | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 |                       |           0 | http://<clientDomain>/?post_type=shop_order&#038;p=470 |          0 | shop_order |                |             2  |
| 471 |           X | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 |              | Order &ndash; April 2, 2017 @ 12:56 AM  |              | wc-processing | open           | closed      | order_58dfdbba98bce | order-apr-01-2017-0456-pm   |         |        | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 |                       |           0 | http://<clientDomain>/?post_type=shop_order&#038;p=471 |          0 | shop_order |                |             2  |
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+

haproxy.cfg

global
    log /dev/log      local0
    log /dev/log      local1 notice
    #chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

    maxconn 3000
    tune.ssl.default-dh-param 2048

defaults
    log global
    mode        http
    option      httplog
    option      dontlognull
    option      forwardfor
    option      http-server-close
        timeout connect 5000
        timeout client  50000
        timeout server  50000

    stats enable
    stats uri /stats
    stats realm Haproxy\ Statistics
    stats auth <user>:<password>

    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

frontend www-http
    bind *:80
    bind *:443 ssl crt /home/lb1/ssl_certs/cert1.pem
    reqadd X-Forwarded-Proto:\ http
    timeout client          1m
    default_backend m-backend
    capture request header Referer len 64

backend m-backend
    balance roundrobin
    timeout connect         10s
    timeout server          1m
    server node1      node1:80 check
    server node2      node2:80 check
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    
por user2176499 03.04.2017 / 11:35

0 respostas