I have an application behind haproxy 2.4.1 that is wsgi -- python. It
is this one:
https://github.com/atoponce/d-note
It appears to work perfectly, but the Apache error log shows this every
time the page is loaded:
[Sun Jul 04 13:06:09.790898 2021] [wsgi:error] [pid 23697:tid
139826101806848] [client 192.168.1.1:42470] IOError: Apache/mod_wsgi
client connection closed., referer: https://secrets.elyograg.org/
As you can see, it's found at https://secrets.elyograg.org for anyone
interested in taking a look.
The wsgi documentation says that error can generally be ignored, and as
I said the site works perfectly ... but I'd like to know if there is
anything that can be added to the haproxy config to have it run
error-free. Not sure how it would be closing the connection anyway ...
I have http/2 enabled on the back end, and I believe that keepalive is
also enabled. Not entirely sure about keepalive... much of the config
is cribbed from production servers I once cared for and I haven't done
any thorough testing.
-----------------
From the mod_wsgi FAQ:
Q: Why do I get the error ‘IOError: client connection closed’ appearing
in the error logs?
A: This occurs when the HTTP client making the request closes the
connection before the complete response for a request has been written.
This can occur where a user force reloads a web page before it had been
completely displayed. It can also occur when using benchmarking tools
such as ‘ab’ as they will over commit on the number of requests they
make when doing concurrent requests, killing off any extra requests once
the required number has been reached.
-----------------
I would imagine that issues like this have been VERY thoroughly
investigated from haproxy's perspective many times over the years ...
but if I hit the backend directly (non-tls, port 81) with all the
browsers I have (Chrome, Firefox, IE, and Edge), that error is NOT
logged by mod_wsgi. The backend is not reachable from the Internet.
Something I noticed, which COULD be significant: Hitting the backend
directly with browsers uses HTTP 1.1, but when haproxy hits it, it uses h2c.
Thanks,
Shawn