[英]Azure API Management (consumption tier): First request gives timeout and is not sent to backend service
I have a service running behind an Azure API Management instance running in the consumption tier.我有一个服务在消费层中运行的 Azure API 管理实例后面运行。 When no traffic has been sent to the API Management instance in a while (15 minutes isn't enough to trigger it, but an hour is), the first request sent takes about 3 minutes 50 seconds and returns a HTTP 500 with this body content:
当一段时间内没有流量发送到 API 管理实例时(15 分钟不足以触发它,但一个小时是),发送的第一个请求大约需要 3 分 50 秒,并返回带有此正文内容的 HTTP 500 :
<html><head><title>500 - The request timed out.</title></head><body> <font color ="#aa0000"> <h2>500 - The request timed out.</h2></font> The web server failed to respond within the specified time.</body></html>
Following requests work fine.以下请求工作正常。 Based on application logs and testing with an API Management instance pointing to my local machine via ngrok, it doesn't look like API management is even trying to connect to the backend for these requests.
基于应用程序日志和通过 ngrok 指向我的本地机器的 API 管理实例的测试,看起来 API 管理甚至没有尝试连接到这些请求的后端。 For the local test, I ran my app under the debugger, put a breakpoint in my service method (there's no auth that could get in the way) and watched the "output" window in Visual Studio.
对于本地测试,我在调试器下运行我的应用程序,在我的服务方法中放置一个断点(没有可能妨碍的身份验证)并观察 Visual Studio 中的“输出”窗口。 It never hit my breakpoint, and never showed anything in the output window for that "500 request timed out" request.
它从未达到我的断点,也从未在“500 请求超时”请求的输出窗口中显示任何内容。 When I made another request to API Management, it forwarded along to my service as expected, giving me output and hitting my breakpoint.
当我向 API Management 发出另一个请求时,它按预期转发到我的服务,为我提供输出并点击我的断点。
Is this some known issue with API Management consumption tier that I need to find some way to work around (ie. a service regularly pinging it)?这是 API 管理消费层的一些已知问题,我需要找到某种解决方法(即服务定期 ping 它)? Or a possible configuration issue with the way I've set up my API Management instance?
或者我设置 API 管理实例的方式可能存在配置问题?
My API management instance is deployed via an ARM template using the consumption tier in North Central US and has some REST and some SOAP endpoints (this request I've been using for testing is one of the SOAP ones and uses the envelope header to specify the SOAP action).我的 API 管理实例是通过 ARM 模板使用美国中北部的消费层部署的,并且有一些 REST 和一些 SOAP 端点(我一直用于测试的这个请求是 SOAP 请求之一,并使用信封头来指定SOAP 操作)。
Additional information:附加信息:
HTTP 500 (Internal Server Error) status code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request. HTTP 500(内部服务器错误)状态代码表示服务器遇到了阻止其完成请求的意外情况。 (possibly due to large payload).
(可能是由于有效载荷较大)。 There is no issue at APIM level.
APIM 级别没有问题。 Analyze the APIM inspector trace and you should see HTTP 500 status code under 'forward-request' response attribute.
分析 APIM 检查器跟踪,您应该在“转发请求”响应属性下看到 HTTP 500 状态代码。
You need to understand who is throwing these HTTP 404 and 500 responses, APIM, or the backend SOAP API.您需要了解谁在抛出这些 HTTP 404 和 500 响应、APIM 或后端 SOAP API。 The best way to get that answer is to collect APIM inspector trace to inspect request and response.
获得该答案的最佳方法是收集 APIM 检查器跟踪以检查请求和响应。 Debug your APIs using request tracing
使用请求跟踪调试您的 API
The Consumption tier exposes serverless properties.消费层公开无服务器属性。 It runs on a shared infrastructure, can scale down to zero in times of no traffic and is billed per execution.
它在共享基础架构上运行,可以在没有流量的情况下缩小到零,并按执行计费。 Connections are pooled and reused unless explicitly closed by the back end.
除非后端明确关闭,否则连接会被合并和重用。 Api management service limits
Api 管理服务限制
1. These pattern of symptoms are also often known to occurs due to network address translation (SNAT) port limits with your APIM service. 1.这些症状模式通常也是由于您的 APIM 服务的网络地址转换 (SNAT) 端口限制而发生的。
Whenever a client calls one of your APIM APIs, Azure API Management service opens a SNAT port to access your backend API.每当客户端调用你的 APIM API 之一时,Azure API 管理服务就会打开一个 SNAT 端口来访问你的后端 API。 Azure uses SNAT and a Load Balancer (not exposed to customers) to communicate with end points outside Azure in the public IP address space, as well as end points internal to Azure that aren't using Virtual Network service endpoints.
Azure 使用 SNAT 和负载均衡器(不向客户公开)与 Azure 外部公共 IP 地址空间中的端点以及 Azure 内部未使用虚拟网络服务端点的端点进行通信。 (This situation is only applicable to backend APIs exposed on public IPs.)
(这种情况只适用于暴露在公共 IP 上的后端 API。)
Each instance of API Management service is initially given a pre-allocated number of SNAT ports. API 管理服务的每个实例最初都有一个预先分配的 SNAT 端口数。 That limit affects opening connections to the same host and port combination.
该限制影响打开与相同主机和端口组合的连接。 SNAT ports are used up when you have repeated calls to the same address and port combination.
当您重复调用相同的地址和端口组合时,SNAT 端口就会用完。 Once a SNAT port has been released, the port is available for reuse as needed.
释放 SNAT 端口后,该端口可根据需要重新使用。 The Azure Network load balancer reclaims SNAT ports from closed connections only after waiting four minutes.
Azure 网络负载平衡器仅在等待四分钟后才从关闭的连接中回收 SNAT 端口。
A rapid succession of client requests to your APIs may exhaust the pre-allocated quota of SNAT ports if these ports are not closed and recycled fast enough, preventing your APIM service from processing client requests in a timely manner.如果这些端口没有足够快地关闭和回收,客户端对 API 的快速连续请求可能会耗尽预先分配的 SNAT 端口配额,从而阻止您的 APIM 服务及时处理客户端请求。
Following strategies can be considered:
可以考虑以下策略:
- Use multiple IPs for your backend URLs
为您的后端 URL 使用多个 IP
- Place your APIM and backend service in the same VNet
将 APIM 和后端服务放在同一个 VNet 中
- Place your APIM in a virtual network and route outbound calls to Azure Firewall
将 APIM 置于虚拟网络中并将出站调用路由到 Azure 防火墙
- Consider response caching and other backend performance tuning (configuring certain APIs with response caching to reduce latency
考虑响应缓存和其他后端性能调整(使用响应缓存配置某些 API 以减少延迟
between client applications calling your API and your APIM backend在调用 API 的客户端应用程序和 APIM 后端之间
load.)加载。)
- Consider implementing access restriction policies (policy can be used to prevent API usage spikes on a per key basis by limiting the call rate per a specified time period.)
考虑实施访问限制策略(该策略可用于通过限制每个指定时间段的调用率来防止基于每个密钥的 API 使用高峰。)
2. The forward-request policy forwards the incoming request to the backend service specified in the request context. 2.转发请求策略将传入的请求转发到请求上下文中指定的后端服务。 The backend service URL is specified in the API settings and can be changed using the set backend service policy.
后端服务 URL 在 API 设置中指定,可以使用设置的后端服务策略进行更改。
Policy statement:政策声明:
<forward-request timeout="time in seconds" follow-redirects="false | true" buffer-request-body="false | true" buffer-response="true | false" fail-on-error-status-code="false | true"/>
Example : The following API level policy forwards all API requests to the backend service with a timeout interval of 60 seconds.示例:以下 API 级别策略将所有 API 请求转发到后端服务,超时间隔为 60 秒。
<!-- api level -->
<policies>
<inbound>
<base/>
</inbound>
<backend>
<forward-request timeout="60"/>
</backend>
<outbound>
<base/>
</outbound>
</policies>
Attribute: timeout="integer"
属性:超时=“整数”
Description: The amount of time in seconds to wait for the HTTP response headers to be returned by the backend service before a timeout error is raised.
说明:在引发超时错误之前等待后端服务返回 HTTP 响应标头的时间量(以秒为单位)。 Minimum value is 0 seconds.
最小值为 0 秒。 Values greater than 240 seconds may not be honored as the underlying network infrastructure can drop idle connections after this time.
大于 240 秒的值可能不被接受,因为在此时间之后底层网络基础结构可能会丢弃空闲连接。
Required: No
要求:否
Default: None
默认值:无
This policy can be used in the following policy sections and scopes.
此策略可用于以下策略部分和范围。
- Policy sections: backend
政策部分:后端
- Policy scopes: all scopes
政策范围:所有范围
Checkout similar feedback for your reference.结帐类似的反馈供您参考。 Also, refer for detailed troubleshooting of 5oo error for APIM.
另外, 请参阅APIM 5oo 错误的详细故障排除。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.