AWS ALB截断HTTP响应

时间:2018-11-21 20:47:34

标签: amazon-web-services http amazon-elb

我有一个目标组和运行PHP API的ECS集群的ALB。

我正在尝试向API查询CSV响应,但是如果请求是通过ALB发送的,我会得到截断的结果。

当我通过SSH进入运行集群的EC2实例并尝试手动运行curl(通过负载平衡器)时,响应将被截断:

curl -sSL -D - 'https://my.domain.com/api/export?token=foobar&start_date=01-01-2015&end_date=01-01-2019' \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache' -o /dev/null

我正在获取这些标题:

HTTP/2 200 
date: Wed, 21 Nov 2018 20:25:27 GMT
content-type: text/csv; charset=utf-8
content-length: 173019
server: nginx
content-transfer-encoding: binary
content-description: File Transfer
content-disposition: attachment;filename=export.csv
cache-control: private, must-revalidate
etag: "b90d0da7b482da96e1a478d59eedd0d16552fbfd"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-security-policy-report-only: default-src 'self';
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin

curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)

如果我尝试对容器运行相同的卷曲(在本地运行-不通过ALB运行)

curl -sSL -D - 'http://localhost:32776/api/export?token=foobar&start_date=01-01-2015&end_date=01-01-2019' \
  -H 'Content-Type: application/json' \
  -H 'cache-control: no-cache' -o /dev/null

响应:

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/csv; charset=utf-8
Content-Length: 173019
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Description: File Transfer
content-disposition: attachment;filename=export.csv
Cache-Control: private, must-revalidate
Date: Wed, 21 Nov 2018 20:36:55 GMT
ETag: "b90d0da7b482da96e1a478d59eedd0d16552fbfd"
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src 'self;
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: origin

当我比较它们时,HTTP版本有所不同。我尝试在ALB中切换到HTTP1,但是仍然遇到相同(或相似的)问题:curl: (18) transfer closed with 130451 bytes remaining to read

另一个区别是Keep-Alive选项。我不确定这是否是我可以在ALB上启用的属性。

当我尝试返回不同的响应(复杂的网页/很长)时,响应通过ALB顺利进行(未截断)。根据错误消息,当ALB启用HTTP/1.1时,每次在42568字节之后响应都会被截断。

有什么想法吗?

更新

如果我在响应中省略了Content-Type标头,它就不会被截断。

return new Response($content, Response::HTTP_OK, [
    # Works without this:
    # 'Content-Type' => 'text/csv; charset=utf-8',
    'Content-Transfer-Encoding' => 'binary',
    'Content-Description' => 'File Transfer',
    'Content-Disposition' => "attachment;filename=export.csv",
    'Content-Length' => strlen($content),  
]);

更新2

将响应Content-Type更改为text/html即可正确返回响应。

2 个答案:

答案 0 :(得分:1)

因此,经过一些愉快的调试之后,我在容器的Nginx日志中找到了这个:

nginx stderr | 2018/11/22 01:03:59 [warn] 39#39: *65 an upstream response is 
buffered to a temporary file /var/tmp/nginx/fastcgi/4/01/0000000014 while reading 
upstream, client: 10.1.1.163, server: _, request: "GET /api/export?
token=foobar&start_date=01-01-2015&end_date=01-01-2019 HTTP/1.1", upstream: 
"fastcgi://unix:/var/run/php-fpm.sock:", host: "my.domain.com"

基本上可以通过将这两行烘焙到我的nginx配置中来解决:

client_body_temp_path /tmp 1 2;
fastcgi_temp_path /tmp 1 2;

为什么仅针对csv输出会发生这种问题仍然是个谜。

感谢您的帮助!

答案 1 :(得分:0)

您应在EC2实例上启用保持活动状态。

  

您可以在EC2的Web服务器设置中启用HTTP保持活动状态   实例。   https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#connection-idle-timeout

还要再次检查Content-Length标头是否正确。大小不正确会导致您看到错误。