我有一个 AWS ECS 设置。服务和 Fargate 任务在 VPC 和同一子网中运行。其中一项服务是侦听端口 80 的 ASP.NET Web 应用程序。当另一个服务向该应用程序发送请求时,该请求将在 15 秒内从客户端取消。完全相同的服务(Docker 镜像)在我的本地环境中不会遇到这个问题,因此我假设这与 AWS 有关。
我在AWS文档或任务、服务和角色配置中没有找到任何相关信息。此超时从何而来?如何增加或删除它?
这是 ASP.NET 应用程序的日志。您可以看到连接在连接启动后的 15 秒内收到了“FIN”:
2023-12-13T08:46:08.746+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[39]
2023-12-13T08:46:08.746+01:00 Connection id "0HMVRLR65I2GS" accepted.
2023-12-13T08:46:08.747+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[1]
2023-12-13T08:46:08.747+01:00 Connection id "0HMVRLR65I2GS" started.
2023-12-13T08:46:08.747+01:00 info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
2023-12-13T08:46:08.747+01:00 Request starting HTTP/1.1 POST http://extension-web-page.abtesting/text - application/json 38
2023-12-13T08:46:08.747+01:00 trce: Microsoft.AspNetCore.HostFiltering.HostFilteringMiddleware[2]
2023-12-13T08:46:08.747+01:00 All hosts are allowed.
2023-12-13T08:46:08.747+01:00 dbug: Microsoft.AspNetCore.Routing.Matching.DfaMatcher[1001]
2023-12-13T08:46:08.747+01:00 1 candidate(s) found for the request path '/text'
2023-12-13T08:46:08.747+01:00 dbug: Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware[1]
2023-12-13T08:46:08.747+01:00 Request matched endpoint 'HTTP: POST /text => Text'
2023-12-13T08:46:08.747+01:00 trce: Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware[8]
2023-12-13T08:46:08.747+01:00 The endpoint does not specify the IRequestSizeLimitMetadata.
2023-12-13T08:46:08.748+01:00 info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
2023-12-13T08:46:08.748+01:00 Executing endpoint 'HTTP: POST /text => Text'
2023-12-13T08:46:08.748+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel[25]
2023-12-13T08:46:08.748+01:00 Connection id "0HMVRLR65I2GS", Request id "0HMVRLR65I2GS:00000001": started reading request body.
2023-12-13T08:46:08.748+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel[26]
2023-12-13T08:46:08.748+01:00 Connection id "0HMVRLR65I2GS", Request id "0HMVRLR65I2GS:00000001": done reading request body.
2023-12-13T08:46:23.742+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets[6]
**2023-12-13T08:46:23.742+01:00 Connection id "0HMVRLR65I2GS" received FIN.**
2023-12-13T08:46:23.743+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets[7]
2023-12-13T08:46:23.743+01:00 Connection id "0HMVRLR65I2GS" sending FIN because: "The Socket transport's send loop completed gracefully."
2023-12-13T08:46:23.743+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[10]
2023-12-13T08:46:23.743+01:00 Connection id "0HMVRLR65I2GS" disconnecting.
2023-12-13T08:47:48.751+01:00 info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
2023-12-13T08:47:48.751+01:00 Executed endpoint 'HTTP: POST /text => Text'
2023-12-13T08:47:48.751+01:00 dbug: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[4]
2023-12-13T08:47:48.751+01:00 The request was aborted by the client.
2023-12-13T08:47:48.751+01:00 info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
2023-12-13T08:47:48.751+01:00 Request finished HTTP/1.1 POST http://extension-web-page.abtesting/text - 499 - text/plain;+charset=utf-8 100004.1499ms
2023-12-13T08:47:48.751+01:00 dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[2]
2023-12-13T08:47:48.751+01:00 Connection id "0HMVRLR65I2GS" stopped.
CloudFormation 堆栈,包含消费者(Web-UI-服务器)和提供者(扩展-网页)服务以及安全组:
Resources:
# web-ui-server
WebUiServerTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: web-ui-server
NetworkMode: awsvpc
RequiresCompatibilities:
- FARGATE
Cpu: "256"
Memory: "512"
ExecutionRoleArn: "arn:aws:iam::XXXXXXXXXXX:role/ecsTaskExecutionRole"
ContainerDefinitions:
- Name: web-ui-server
Image: XXXXXXXXXXX.dkr.ecr.us-east-1.amazonaws.com/web-ui-server:latest
Essential: true
PortMappings:
- ContainerPort: 80
LogConfiguration:
LogDriver: "awslogs"
Options:
awslogs-create-group: true
awslogs-group: "/ecs/myproject-dev/web-ui-server/"
awslogs-region: "us-east-1"
awslogs-stream-prefix: "ecs"
WebUiServerService:
Type: AWS::ECS::Service
DependsOn: DevMyprojectNLBListener
Properties:
ServiceName: web-ui-server
Cluster: !Ref DevMyprojectECSCluster
TaskDefinition: !Ref WebUiServerTaskDefinition
LaunchType: FARGATE
DesiredCount: 1
ServiceConnectConfiguration:
Enabled: true
Namespace: myproject-dev
NetworkConfiguration:
AwsvpcConfiguration:
Subnets:
- !Ref DevMyprojectSubnet1
SecurityGroups:
- !GetAtt WebUiServerSecurityGroup.GroupId
AssignPublicIp: ENABLED
LoadBalancers:
- ContainerName: web-ui-server
ContainerPort: 80
TargetGroupArn: !Ref DevMyprojectTargetGroup
# extension-web-page
ExtensionWebPageTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: extension-web-page
NetworkMode: awsvpc
RequiresCompatibilities:
- FARGATE
Cpu: 256
Memory: 512
ExecutionRoleArn: "arn:aws:iam::XXXXXXXXXXX:role/ecsTaskExecutionRole"
ContainerDefinitions:
- Name: extension-web-page
Image: XXXXXXXXXXX.dkr.ecr.us-east-1.amazonaws.com/extension-web-page:latest
Essential: true
PortMappings:
- Name: extension-web-page
Protocol: tcp
AppProtocol: http
ContainerPort: 80
HostPort: 80
LogConfiguration:
LogDriver: "awslogs"
Options:
awslogs-create-group: true
awslogs-group: "/ecs/myproject-dev/extension-web-page/"
awslogs-region: "us-east-1"
awslogs-stream-prefix: "ecs"
ExtensionWebPageService:
Type: AWS::ECS::Service
Properties:
ServiceName: extension-web-page
Cluster: !Ref DevMyprojectECSCluster
TaskDefinition: !Ref ExtensionWebPageTaskDefinition
LaunchType: FARGATE
DesiredCount: 1
ServiceConnectConfiguration:
Enabled: true
Namespace: myproject-dev
Services:
- PortName: extension-web-page
DiscoveryName: extension-web-page-myproject
ClientAliases:
- DnsName: extension-web-page.myproject
Port: 80
NetworkConfiguration:
AwsvpcConfiguration:
Subnets:
- !Ref DevMyprojectSubnet1
SecurityGroups:
- !GetAtt Subnet1InternalMicroserviceSecurityGroup.GroupId
AssignPublicIp: ENABLED
# Security groups
Subnet1InternalMicroserviceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: myproject-dev-subnet1-internal
GroupDescription: ECSSecurityGroup
VpcId: !Ref DevMyprojectVPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: !Ref DevMyprojectSubnet1Cidr
SecurityGroupEgress:
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
WebUiServerSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: myproject-dev-web-ui-server
GroupDescription: ECSSecurityGroup
VpcId: !Ref DevMyprojectVPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
SecurityGroupEgress:
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
AWS Service Connect 中内部通信的默认超时为 15 秒。要删除超时,您可以调整配置如下:
ExtensionWebPageService:
Type: AWS::ECS::Service
Properties:
ServiceName: extension-web-page
Cluster: !Ref DevMyprojectECSCluster
TaskDefinition: !Ref ExtensionWebPageTaskDefinition
LaunchType: FARGATE
DesiredCount: 1
ServiceConnectConfiguration:
Enabled: true
Namespace: myproject-dev
Services:
- PortName: extension-web-page
DiscoveryName: extension-web-page-myproject
### Set this parameter to 0:
Timeout:
PerRequestTimeoutSeconds: 0
### The rest is without changes
ClientAliases:
- DnsName: extension-web-page.myproject
Port: 80
NetworkConfiguration:
AwsvpcConfiguration:
Subnets:
- !Ref DevMyprojectSubnet1
SecurityGroups:
- !GetAtt Subnet1InternalMicroserviceSecurityGroup.GroupId
AssignPublicIp: ENABLED
将超时设置为0可以确保通信没有超时限制。确保正确应用此配置以避免意外的长时间运行连接。