OK, I dropped the port 80 config, and enabled the debugging.
I then did some random poking, and I realized that requests from
localhost succeed (i.e. when I use ‘curl’ on the server, or run Chromium) but fail from any other host. So I tried replacing all the hostnames in the remap file with IPs, but that didn’t help – the remote requests still time out.
I am not running AppArmor, and my /etc/hosts only contains the default entries (localhost definitions and somesuch). The DNS resolution on command line works
in both directions (hostname to IP, and IP to hostname).
Anyway, the debug dump from a single request is huge, nearly 3000 lines. As best as I can figure, the following things might be relevant:
The response from the origin server result in the following log entriess (cleaned up for readability):
+++++++++ Incoming O.S. Response +++++++++
-- State Machine Id: 0
DEBUG: (http_seq) [HttpTransact::HandleResponse]
Response not valid
DEBUG: (http_trans) [handle_response_from_server] (hrfs)
DEBUG: (http_trans) 
failed to connect  to 10.87.40.225
DEBUG: (http_trans) [retry_server_connection_not_open] attempts now: 2, max: 3
DEBUG: (http_trans) [handle_response_from_server] Error. Retrying...
DEBUG: (http)  State Transition: ORIGIN_SERVER_OPEN -> ORIGIN_SERVER_OPEN
DEBUG: (http_track) entered inside do_http_server_open
DEBUG: (http)  open connection to vdanilchenko-corewiki.vistaprint.net: 10.87.40.225:80
DEBUG: (http_seq) [HttpSM::do_http_server_open] Sending request to server
DEBUG: (http) calling netProcessor.connect_re
DEBUG: (http)  [HttpSM::main_handler, NET_EVENT_OPEN]
DEBUG: (http_track) entered inside state_http_server_open
DEBUG: (http)  [&HttpSM::state_http_server_open, NET_EVENT_OPEN]
DEBUG: (http_ss)  session born, netvc 0x2b59ec0150e0
Each such set of log entries is followed by a number of apparently failing requests for
http://127.0.0.1:8083/synthetic.txt – even though I can access that URL and retrieve the ‘synthetics.txt’ file (it’s 60 lines of ‘abcdefghijklmnopqrstuvwxyz’).
http://10.87.40.225/phpinfo2.php (on non-proxy port) works like a charm, though, so I still have no idea why TrafficServer is failing to connect.
I tried monitoring traffic on port 80 via ngrep, and when I do regular request to origin server (on port 80), it works fine – I observe the request and response
as expected; but when I make a request to the proxy (on port 8080), there’s simply nothing going across the port 80. Ngrep is just sitting there and printing packet hashmarks, but no content.
So it looks like trafficserver is not merely not getting a response, it’s never actually making the request… as long as the client is remote. If the client is
local, everything works as expected.
From: Alan Carroll [mailto:firstname.lastname@example.org]
Sent: Wednesday, January 20, 2016 3:19 PM
Subject: Re: Need help with a particular usage scenario
A couple of things to try -
2) Turn on debug tags with a value of "http|dns" and see what you get. Those tend to be informative in this regard, as you will be able to see exactly what
ATS thinks it is connecting to.
Ah, thank you very much, updating the maps did change things! Right now I am getting error messages that kinda make sense.
So, here’s my new remap settings:
internal error - server connection terminated
and on the server, in error.log, the following
20160120.14h51m15s RESPONSE: sent 10.87.40.108 status 502 (Connect Error <internal error - server connection terminated/-19999>)
I tried this both using localhost in the maps,
and FQDNs everywhere, the result is the same. I most definitely can get this URL on the server using curl:
So it looks like for some weird reason, TrafficServer is trying – and failing – to contact the origin provider.
Any idea what might be going wrong?
Thanks so much for your help!
Hmmm. A parent proxy set up might work better. The logging of empty URLs is a bug in the logging code which has been fixed (current ATS version is 6.0).
If you are doing remap, you need a forward map as well like
reverse_map, if I recall correctly, only applies to response headers from the origin, to modify them to use the proxy URL instead of the origin URL (as
supplied by the origin).
I'd recommend moving up in versions, to at least 5.3.x.
I need to set up a caching proxy to not work as a proxy, but rather to simply provide caching upon direct access. For example:
And I need to set up a proxy on an alternative port,
http://mediawiki.mycompany.com:8080, which would do nothing
but serve up the traffic from the default port, but cached (we aren’t trying to cache the entire MediaWiki installation, but rather provide an alternative entry point for a specific use case).
I am having trouble figuring out what it would take to set up TrafficServer to do this. I set it up (Ubuntu Vivid, TS 3.2.4), but TS logs empty URLs (http:///)
and of course fails to find them – presumably because it doesn’t receive the customary proxy HTTP headers; so I hit
http://mediawiki.mycompany.com:8080, and only get back 404s.
Is there an easy way to accomplish what I am looking to do? Here’s the config I have right now.
In records.config (in addition to all the standard defaults):
CONFIG proxy.config.http.server_ports STRING 8080
CONFIG proxy.config.http.cache.http INT 1
CONFIG proxy.config.reverse_proxy.enabled INT 1
CONFIG proxy.config.url_remap.remap_required INT 1
CONFIG proxy.config.url_remap.pristine_host_hdr INT 1
I have never set up a proxy before.
Any suggestions on what I need to do? Thanks.