Meu balanceador de carga HAProxy 1.5 ocasionalmente recebe erro 504 de um dos nós de back-end. O erro 504 é específico apenas para o Woocommerce / checkout. O terminal / checkout chama o gateway de pagamento no lado do servidor e o Woocommerce captura o status de pagamento e redireciona o usuário para a página de agradecimento.
No administrador do Woocommerce, há pedidos duplicados do mesmo cliente. Eu estou suspeitando que poderia ser o tempo limite de um nó e passando a solicitação para o próximo nó enquanto a transação ainda está pendente no primeiro nó.
Aqui está um exemplo de um erro 504. Parece que há um período de espera de 8 minutos (16:51 - 16:43).
Apr 1 16:43:47 LB1 haproxy[31955]: 115.66.152.19:28289 [01/Apr/2017:16:43:00.738] www-http m-backend/node2 46183/0/0/191/46374 200 1538 - - ---- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Apr 1 16:52:05 LB1 haproxy[31955]: 115.66.152.19:11502 [01/Apr/2017:16:52:05.984] www-http m-backend/node2 0/0/0/5/5 200 202 - - ---- 3/3/1/1/0 0/0 {http://<clientDomain>/checkout/} "GET /favicon.ico HTTP/1.1"
Apr 1 16:52:09 LB1 haproxy[31955]: 115.66.152.19:43861 [01/Apr/2017:16:51:09.123] www-http m-backend/node1 0/0/1/-1/60002 504 195 - - sH-- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Outro exemplo:
Mar 31 13:05:04 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.157] www-http m-backend/node2 0/0/1/142/143 200 1364 - - ---- 4/4/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Mar 31 13:06:18 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.301] www-http m-backend/node1 14684/0/0/-1/74685 504 195 - - sH-- 0/0/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
Dois pares de pedidos duplicados:
mysql> select * from wp_posts where ID in (468,469,470,471);
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
| ID | post_author | post_date | post_date_gmt | post_content | post_title | post_excerpt | post_status | comment_status | ping_status | post_password | post_name | to_ping | pinged | post_modified | post_modified_gmt | post_content_filtered | post_parent | guid | menu_order | post_type | post_mime_type | comment_count |
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
| 468 | X | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 | | Order – March 31, 2017 @ 09:09 PM | | wc-processing | open | closed | order_58de5501aeffb | order-mar-31-2017-0109-pm | | | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 | | 0 | http://<clientDomain>/?post_type=shop_order&p=468 | 0 | shop_order | | 2 |
| 469 | X | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 | | Order – March 31, 2017 @ 09:10 PM | | wc-processing | open | closed | order_58de5527335c1 | order-mar-31-2017-0109-pm-2 | | | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 | | 0 | http://<clientDomain>/?post_type=shop_order&p=469 | 0 | shop_order | | 2 |
| 470 | X | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 | | Order – April 2, 2017 @ 12:55 AM | | wc-processing | open | closed | order_58dfdb75c2b0a | order-apr-01-2017-0455-pm | | | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 | | 0 | http://<clientDomain>/?post_type=shop_order&p=470 | 0 | shop_order | | 2 |
| 471 | X | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 | | Order – April 2, 2017 @ 12:56 AM | | wc-processing | open | closed | order_58dfdbba98bce | order-apr-01-2017-0456-pm | | | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 | | 0 | http://<clientDomain>/?post_type=shop_order&p=471 | 0 | shop_order | | 2 |
+-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
#chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
maxconn 3000
tune.ssl.default-dh-param 2048
defaults
log global
mode http
option httplog
option dontlognull
option forwardfor
option http-server-close
timeout connect 5000
timeout client 50000
timeout server 50000
stats enable
stats uri /stats
stats realm Haproxy\ Statistics
stats auth <user>:<password>
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend www-http
bind *:80
bind *:443 ssl crt /home/lb1/ssl_certs/cert1.pem
reqadd X-Forwarded-Proto:\ http
timeout client 1m
default_backend m-backend
capture request header Referer len 64
backend m-backend
balance roundrobin
timeout connect 10s
timeout server 1m
server node1 node1:80 check
server node2 node2:80 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
Tags load-balancing haproxy