v-anvari
commented
2 years ago Hi @dhtek , Can you share the invocation id, Region name and timestamp
Open dhtek opened 3 years ago
v-anvari
commented
2 years ago Hi @dhtek , Can you share the invocation id, Region name and timestamp
dhtek
commented
2 years ago Hi @v-anvari,
I can give you the region: West-Europe, but for the invocationId it will be difficult as the incoming requests aren't received by our function app after the stop-start so not really invoked and injected in Application Insights.
After investigation from my side, I discovered that +-30 minutes after the test load I got this error in the _easyauth_docker.log
2021-11-08T15:44:44.602139065Z [41m[30mfail[39m[22m[49m: Middleware[0] 2021-11-08T15:44:44.602200067Z Failed to forward request to application. Encountered a System.Net.Http.HttpRequestException exception after 2250710.892ms with message: An error occurred while sending the request.. Check application logs to verify the application is properly handling HTTP traffic.
2021-11-08T15:44:44.943409704Z [41m[30mfail[39m[22m[49m: Middleware[0] 2021-11-08T15:44:44.943558107Z Failed to forward request to application. Encountered a System.Threading.Tasks.TaskCanceledException exception after 1302139.557ms with message: The operation was canceled.. Check application logs to verify the application is properly handling HTTP traffic.
It seems that this log is generated by the RequestForwarder from Microsoft.Azure.AppService.Middleware.Forwarding
catch (Exception e)
{
string message = $"Failed to forward request to application. Encountered a {e.GetType()} exception after {requestTime.Elapsed.TotalMilliseconds:F3}ms with message: {e.Message}." + " Check application logs to verify the application is properly handling HTTP traffic.";
logger.LogError(message);
string internalTelemetryMessage = $"HTTP proxy request encountered exception.\nType: {e.GetType()}\nMessage: {e.Message}\n StackTrace: {e.StackTrace}";
if (e.InnerException != null)
{
internalTelemetryMessage += $"\n\nInnerException\nType: {e.InnerException!.GetType()}\nMessage: {e.InnerException!.Message}\n StackTrace: {e.InnerException!.StackTrace}";
}
MiddlewareTrace.TraceError(internalTelemetryMessage);
context.Response.StatusCode = 500;
}which is weird because the HTTP client is configured with a default Timeout of 300 seconds
RequestForwarder requestForwarder = new RequestForwarder(targetHostUri, rewrite, logger, TimeSpan.FromSeconds(300.0));
Unfortunately, I didn't found a solution to activate trace log level for the middleware which can be helpful, do you have any idea what I can do this ? There is two loggers one using TraceSource in this class MiddlewareTraceand the standard .net core logger
It looks like the middleware start to forward requests before that the destination container (my function app) is up and running
Thanks for the help
v-anvari
commented
2 years ago Thank you for the details. We are following up with the concerned team for further insights.
mandar-lad
commented
2 years ago We faced similar issue with Azure app service (4 instances and auto scaling enabled) with CORS settings as '*'. Below are log snippets from EasyAuth docker container log files "…easyauth_docker.log"
`2022-06-10T00:03:45.552868700Z [41m[30mfail[39m[22m[49m: Middleware[0] 2022-06-10T00:03:45.552922505Z Failed to forward request to {IP address based URL removed}. Encountered a System.Net.Http.HttpRequestException exception after 0.774ms with message: Error while copying content to a stream.. Check application logs to verify the application is properly handling HTTP traffic.
2022-06-10T00:00:00.706314821Z [41m[30mfail[39m[22m[49m: Middleware[0] 2022-06-10T00:00:00.706365525Z Failed to forward request to {IP address based URL removed}. Encountered a System.Net.Http.HttpRequestException exception after 1.802ms with message: Error while copying content to a stream.. Check application logs to verify the application is properly handling HTTP traffic.
2022-06-09T00:33:54.096796203Z [41m[30mfail[39m[22m[49m: Middleware[0] 2022-06-09T00:33:54.096842003Z Failed to forward request to {IP address based URL removed}. Encountered a System.Net.Http.HttpRequestException exception after 2.363ms with message: Error while copying content to a stream.. Check application logs to verify the application is properly handling HTTP traffic.`
v-anvari - Appreciate if you could share relevant product groups' findings on these similar issues. Thanks
kwasilka
commented
2 years ago We're facing the same issue. We're running Uvicorn with FastAPI in an azure app service and experiencing the exact same issues logged here. Most often, we see the error and the end user receives a non descriptive 500 error, when our requests hit above 100.
So interesting events we're seeing, with info logging enabled in Uvicorn, we see the requests being answered form a different IP than what is being reported on the error message. At the time of writing this, the errors being reported back are on .7, but the 200 OK requests are being answered by .8.
Any help would be greatly appreciated!
kwasilka
commented
2 years ago From further testing and research, I had found some other information how people had auto scale out enabled, without going into much details.
Today I started testing this a little further, with logged requests to the service being replied from IP .4. When the middleware error would show, it was being reported from .3. Setting the scale out manually to 2, we were no longer able to reproduce the error, pushing the requests beyond 600 sustained for 10-15 minutes and did not have another error occur. With a second instance running from the scale out, requests were being answered from .4 and .7.
We're unable to identify what .3 is within the container, is this a load balancer for the instances? Though I'm unable to confirm this, but what it looks like is .3 is the load balancer for instances and forwards the request onto the instance running on another IP. When only 1 instance is currently running and the requests reach a tipping point, in our case and above posts, seems to be around 100 requests at a time, the balancer might be attempting to send the request to another instance that isn't running, resulting in the error of no response to http traffic.
kwasilka
commented
2 years ago This appears to still be an issue for us. This morning we seen the error show up, on an IP that is answering requests, and even answered requests 50 ms after the error
ltrain777
bchr02
jameel-shorosh-silk
hiniestic
patnir411
ccueto36
slarionoff
When the authentication feature (EasyAuth) is activated on a function app and setup with Azure Active Directory, if the function app restart when there are still HTTP requests incoming, the function app stays unhealthy.
Azure Function Setup:
Authentication feature setup:
Repro steps
Provide the steps required to reproduce the problem:
1) Create a function App with a HTTP trigger (can be just a return ok 200) hosted on an app service plan (P3v2) using docker image 2) Setup the app registration in Active Directory for this API with token OAUTH 2.0 3) Activate the authentication feature on this API with the identity provider Microsoft 4) Execute constant HTTP Request load (+-100 Requests Per Second) using artillery, loader-IO, or other loading test tools with a valid bearer token 5) Stop the function app during the load 6) Wait for some execution errors 7) Start the function app
At this stage, the function app will not reply anymore until a restart after end of load.
Expected behavior
The function app should restart even if there is constant HTTP request load and process incoming requests
Actual behavior
The function stays unhealthy
Known workarounds
Block the incoming requests and restart the function
Additional information
If we do the same test with authentication feature deactivated, the function app restart correctly and the load test continue without any issue...
When the function app is unhealthy we don't see any logs in kudu log stream for appsvc/middleware or msiProxy explaining the situation even if the have activated the filesystem application logging feature in the portal.