Getting 504s at haproxy with long running reports

Wed, 20 Apr 2022 10:28:37 -0700 

Hello all,

My problem is that my AppDev group has some web applications generating reports 
that are taking a very long time to run which is resulting in 504s.  An example 
httplog entry is below.

Apr 19 10:53:42 xxxxxxxxx haproxy[6173]: XX.XX.XX.XX:2499 
[19/Apr/2022:10:52:32.339]
http-in-VIPX-XXXXXXXXXX-UAT Cluster_XXXXXXXXXX_UAT/hostname.com
0/0/0/-1/70001   504   262   - - sH--   3/3/0/0/0   0/0
"GET /XXXXXXX/Reports/SubmitReportDownload?FileTypeID=1&ReportTypeID=1 HTTP/1.1"

My thinking was that this was due to the option “timeout server 70s” in my 
defaults (hence the 70001 Ta value).  There’s also the “sH--” session 
termination state which, by my interpretation, means “server side timeout 
waiting for response Headers” which also seems to point to the server side 
timeout.  Because of these, I decided to leave the default at 70 seconds and 
override it in the backend by setting “timeout server 120s” (the 120s proposed 
by AppDev).  This had no effect so I tried multiple values (and some other 
timeout parameters) all to no effect.  Finally, given this is my Dev/UAT NLB, I 
tried changing the default “timeout server” to 120s and, still, no effect.  The 
web server in this case is IIS and AppDev says the reports work going directly 
so it seems to be something specific to my haproxy config (the relevant part of 
which is below).

I am obviously missing something.  Am I right that this is timeout related?  
And, if so, what options should I be setting and at what level 
(default/frontend/backend) to allow these long running reports to complete 
while going through the NLB?

Thanks for taking the time and any insight you can provide will be greatly 
appreciated.

Dan.


defaults
  log   global

  mode  http
  option  httplog
  option  dontlognull
  option  log-health-checks

  option  forwardfor

  timeout connect 20s
  timeout client  120s
  timeout server  120s

frontend https-in-VIP10-AD-APPENV-UAT

bind       XX.XX.XX.XX:80
bind       XX.XX.XX.XX:443 ssl crt /path/to/file.pem

mode  http

option     http-keep-alive
timeout    client 2m

http-request add-header X-Forwarded-Proto https
  http-request add-header X-Forwarded-Port  443

    -= snip more stuff =-

  default_backend Cluster_XXXXXXXX_UAT

backend Cluster_XXXXXXXX_UAT

mode    http

  server  host host check port 80 inter 5000 fall 2 rise 3 maxconn 64

Reply via email to