• 【API管理 APIM】APIM集成内部VNet后,自我访问出现(Unable to connect to the remote server)问题,而Remote Server正是APIM它自己


    问题描述

    在使用APIM配置内部VNET后,如API-1正常配置访问后端服务器的一个接口,而API-2则是通过调用APIM中的API-1来作为backendUrl,会出现500错误。 经过测试,目前这种配置内部集成VNET的情况下,会出现错误。这是一个已知的问题。

    错误消息为:Unable to connect to the remote server

    而在APIM的开发者门户中测试跟踪接口,则会获取到如下的错误信息:

    异常日志

    System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond xxx.xxx.xxx.xxx:443
       at System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
       at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
       at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
       at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.Handlers.DefaultServiceRequestExecutor.<ExecuteAsync>d__9.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Runtime.Configuration.Models.DefaultHttpBackend.<ProcessAsync>d__5.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.Policies.IO.CallServiceHandler.<ProcessAsync>d__6.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.Policies.PipelineWalker.<ExecuteAsync>d__1.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.Policies.PipelineWalker.<ExecuteAsync>d__1.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.PipelineExecutor.<ExecuteAsync>d__15.MoveNext()

    问题原因

    因为APIM 后端实例中, 所有传出流量(包含请求到自己的流量)都被路由到APIM Load Balancer,而不是直接环回接口(Loopback)。 由于SLB的一个局限性,即如果它映射到相同的VM,则不允许建立从后端池中的VM到SLB IP的连接。最终结果是,请求发送到同一APIM服务的API调用开始失败。

    解决办法

    使用127.0.0.1来代替APIM的域名,并且在API的inbound策略中设置host header,指定值为该APIM的域名。 操作步骤如下:

    1:使用127.0.0.1替换APIM域名

    2:添加Host header,设置值为APIM域名

    设置后全部的 API Policy 为:

    <policies>
        <inbound>
            <set-header name="Host" exists-action="override">
                <value>your apim url here</value>
            </set-header>
        </inbound>
        <backend>
            <base />
        </backend>
        <outbound>
            <base />
        </outbound>
        <on-error>
            <base />
        </on-error>
    </policies>

    当在复杂的环境中面临问题,格物之道需:浊而静之徐清,安以动之徐生。 云中,恰是如此!

  • 相关阅读:
    内存管理——显式类型转换
    内存管理——隐式类型转换
    数据类型——构造类型——枚举
    构造类型——联合类型
    结构体学习笔记9——结构体大小计算规则
    结构体学习笔记8——内存对齐
    结构体学习笔记7——结构体数组
    结构体学习笔记6——结构体嵌套
    结构体学习笔记5——指针成员与函数成员
    一.js高级(9)深拷贝-浅拷贝的其他方法
  • 原文地址:https://www.cnblogs.com/lulight/p/13666688.html
Copyright © 2020-2023  润新知