我的HAProxy 1.5负载均衡器偶尔会从后端节点中的任何一个获取504错误。 504错误只针对Woocommerce / checkout。 / checkout端点调用服务器端的支付网关,Woocommerce捕获付款状态并将用户redirect到感谢页面。
在Woocommercepipe理中,来自同一客户的重复订单。 我怀疑它可能是一个节点超时并将请求传递到下一个节点,而事务仍然在第一个节点挂起。
这是一个504错误的例子。 似乎有8分钟的等待期(16:51 – 16:43)。
Apr 1 16:43:47 LB1 haproxy[31955]: 115.66.152.19:28289 [01/Apr/2017:16:43:00.738] www-http m-backend/node2 46183/0/0/191/46374 200 1538 - - ---- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1" Apr 1 16:52:05 LB1 haproxy[31955]: 115.66.152.19:11502 [01/Apr/2017:16:52:05.984] www-http m-backend/node2 0/0/0/5/5 200 202 - - ---- 3/3/1/1/0 0/0 {http://<clientDomain>/checkout/} "GET /favicon.ico HTTP/1.1" Apr 1 16:52:09 LB1 haproxy[31955]: 115.66.152.19:43861 [01/Apr/2017:16:51:09.123] www-http m-backend/node1 0/0/1/-1/60002 504 195 - - sH-- 2/2/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1" 另一个例子:
Mar 31 13:05:04 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.157] www-http m-backend/node2 0/0/1/142/143 200 1364 - - ---- 4/4/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1" Mar 31 13:06:18 LB1 haproxy[31955]: 222.164.62.123:52201 [31/Mar/2017:13:05:04.301] www-http m-backend/node1 14684/0/0/-1/74685 504 195 - - sH-- 0/0/0/0/0 0/0 {http://<clientDomain>/checkout/} "POST /checkout/?wc-ajax=checkout HTTP/1.1"
两对重复的命令:
mysql> select * from wp_posts where ID in (468,469,470,471); +-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+ | ID | post_author | post_date | post_date_gmt | post_content | post_title | post_excerpt | post_status | comment_status | ping_status | post_password | post_name | to_ping | pinged | post_modified | post_modified_gmt | post_content_filtered | post_parent | guid | menu_order | post_type | post_mime_type | comment_count | +-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+ | 468 | X | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 | | Order – March 31, 2017 @ 09:09 PM | | wc-processing | open | closed | order_58de5501aeffb | order-mar-31-2017-0109-pm | | | 2017-03-31 21:09:24 | 2017-03-31 13:09:24 | | 0 | http://<clientDomain>/?post_type=shop_order&p=468 | 0 | shop_order | | 2 | | 469 | X | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 | | Order – March 31, 2017 @ 09:10 PM | | wc-processing | open | closed | order_58de5527335c1 | order-mar-31-2017-0109-pm-2 | | | 2017-03-31 21:10:01 | 2017-03-31 13:10:01 | | 0 | http://<clientDomain>/?post_type=shop_order&p=469 | 0 | shop_order | | 2 | | 470 | X | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 | | Order – April 2, 2017 @ 12:55 AM | | wc-processing | open | closed | order_58dfdb75c2b0a | order-apr-01-2017-0455-pm | | | 2017-04-02 00:55:21 | 2017-04-01 16:55:21 | | 0 | http://<clientDomain>/?post_type=shop_order&p=470 | 0 | shop_order | | 2 | | 471 | X | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 | | Order – April 2, 2017 @ 12:56 AM | | wc-processing | open | closed | order_58dfdbba98bce | order-apr-01-2017-0456-pm | | | 2017-04-02 00:56:28 | 2017-04-01 16:56:28 | | 0 | http://<clientDomain>/?post_type=shop_order&p=471 | 0 | shop_order | | 2 | +-----+-------------+---------------------+---------------------+--------------+-----------------------------------------+--------------+---------------+----------------+-------------+---------------------+-----------------------------+---------+--------+---------------------+---------------------+-----------------------+-------------+---------------------------------------------------------------------+------------+----------------+----------------+---------------+
haproxy.cfg
global log /dev/log local0 log /dev/log local1 notice #chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3 maxconn 3000 tune.ssl.default-dh-param 2048 defaults log global mode http option httplog option dontlognull option forwardfor option http-server-close timeout connect 5000 timeout client 50000 timeout server 50000 stats enable stats uri /stats stats realm Haproxy\ Statistics stats auth <user>:<password> errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend www-http bind *:80 bind *:443 ssl crt /home/lb1/ssl_certs/cert1.pem reqadd X-Forwarded-Proto:\ http timeout client 1m default_backend m-backend capture request header Referer len 64 backend m-backend balance roundrobin timeout connect 10s timeout server 1m server node1 node1:80 check server node2 node2:80 check http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc }