Page MenuHomeSoftware Heritage
Create Task
Maniphest T2877

Investigate spurious deposit logs
Closed, MigratedEdits Locked
Actions

Description

Within the deposit logs, we can see lots of prometheus metrics query noise [1]:

Dec 11 09:59:06 deposit python3[3678588]: 2020-12-11 09:59:06 [3678588] django.security.DisallowedHost:ERROR Invalid HTTP_HOST header: 'webapp.staging.swh.network:443'. You may need to add 'webapp.staging.swh.network' to ALLOWED_HOSTS.
Dec 11 09:59:06 deposit python3[3678588]: 2020-12-11 09:59:06 [3678588] django.request:WARNING Bad Request: /metrics/prometheus
Dec 11 09:59:06 deposit python3[3678588]: 2020-12-11 09:59:06 [3678588] gunicorn.access:INFO 127.0.0.1 - - [11/Dec/2020:09:59:06 +0000] "GET /metrics/prometheus HTTP/1.1" 400 26 "-" "Prometheus/2.7.1+ds"

After investigation, this is due to the fallback mechanism of vhosts in
varnish. As no query matches the vhost selection, neither webapp nor deposit
matches (due to the extra :443), those queries end up being forwarded to the
default vhost, the deposit. Most probably determined by lexicographic order on
the file name.

Note that it currently works in production because the webapp there is not
named webapp (after "deposit" in lexicographic order) but archive (so
before the deposit).

A fix is currently being cooked so that the match work properly and the
requests are forwarded to the proper server.

Revisions and Commits

rSPSITE puppet-swh-site
D4719rSPSITE5128dbb7b8d3 varnish: Correctly handle the vhost when the port number is included

Event Timeline

ardumont triaged this task as Normal priority.Dec 11 2020, 11:17 AM
ardumont created this task.
vlorentz added a subscriber: vlorentz.Dec 11 2020, 11:35 AM

You could just add a 00-default vhost that shows a generic error message. (that's not even a hack to rely on alphabetical order for vhost configs)

vsellier added a revision: D4719: varnish: Correctly handle the vhost when the port number is included.Dec 11 2020, 11:42 AM
ardumont updated the task description. (Show Details)Dec 11 2020, 11:45 AM
vsellier added a subscriber: vsellier.EditedDec 11 2020, 11:46 AM

I agree for the default site but we have several legit requests from the monitoring not correctly routed so the configuration needs to be adapted.

vsellier added a commit: rSPSITE5128dbb7b8d3: varnish: Correctly handle the vhost when the port number is included.Dec 11 2020, 2:36 PM
ardumont added a comment.Dec 11 2020, 3:02 PM

Deployed (rp0.staging, webapp0.azure, moma).

ardumont claimed this task.Dec 11 2020, 3:03 PM

And now spurious logs are gone for the deposit.

ardumont closed this task as Resolved.Dec 11 2020, 3:03 PM
ardumont removed ardumont as the assignee of this task.
ardumont moved this task from Backlog to Deployed on the SWORD deposit board.Dec 11 2020, 3:22 PM
ardumont moved this task from Backlog to deployed/landed/monitoring on the System administration board.Jan 6 2021, 3:45 PM
ardumont moved this task from deployed/landed/monitoring to done on the System administration board.Jul 29 2021, 1:22 PM
gitlab-migration changed the task status from Resolved to Migrated.Oct 19 2022, 6:00 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

About · Developer information · Legal