close
The Wayback Machine - https://web.archive.org/web/20201117063058/https://github.com/TykTechnologies/tyk/issues/3259
Skip to content

/ tyk

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Protocol is applied to load balancing upstream target #3259

Closed
ilijabojanovic opened this issue Aug 6, 2020 · 1 comment
Closed

Protocol is applied to load balancing upstream target #3259

ilijabojanovic opened this issue Aug 6, 2020 · 1 comment
Assignees
@gernest
Labels
bug

Comments

@ilijabojanovic
Copy link
Member

@ilijabojanovic ilijabojanovic commented Aug 6, 2020

Branch/Environment/Version

  • Branch/Version: Stable/Master
  • Environment: All

Describe the bug
When we set protocol on api definition and enable load balancing, protocol is applied on upstream targets.

Reproduction steps

  1. Create api definition
  2. Set Https protocol
  3. Enable load balancing and add two upstream targets
  4. Send traffic to that api

Actual behavior
Gateway will return 500 error since upstream target is https://http://httpbin.org/

====== Response ======
HTTP/1.1 500 Internal Server Error
Connection: close
Content-Type: application/json
X-Generator: tyk.io

{
    "error": "Upstream host lookup failed"
}

Expected behavior
Gateway should ignore protocol during proxying

Screenshots/Video
If applicable, add screenshots or video to help explain your problem.

Logs (debug mode or log file):

[Aug 06 12:00:29] ERROR proxy: http: proxy error: dial tcp: lookup http: no such host api_id=a8ce936bb43d4ebd41a8c1341cd7a627 api_name=key mw=ReverseProxy org_id=5f290d3f9633d70de64461cb server_name=http: user_id=-- user_ip=127.0.0.1 user_name=

Configuration (tyk config file):
Attach tyk configuration file

Additional context
Testing api definition

{
    "id": "5f29122b9633d70e45b27bbc",
    "name": "key",
    "slug": "key",
    "listen_port": 0,
    "protocol": "https",
    "enable_proxy_protocol": false,
    "api_id": "a8ce936bb43d4ebd41a8c1341cd7a627",
    "org_id": "5f290d3f9633d70de64461cb",
    "use_keyless": true,
    "use_oauth2": false,
    "use_openid": false,
    "openid_options": {
        "providers": [],
        "segregate_by_client": false
    },
    "oauth_meta": {
        "allowed_access_types": [],
        "allowed_authorize_types": [],
        "auth_login_redirect": ""
    },
    "auth": {
        "use_param": false,
        "param_name": "",
        "use_cookie": false,
        "cookie_name": "",
        "auth_header_name": "Authorization",
        "use_certificate": false,
        "validate_signature": false,
        "signature": {
            "algorithm": "",
            "header": "",
            "secret": "",
            "allowed_clock_skew": 0,
            "error_code": 0,
            "error_message": ""
        }
    },
    "auth_configs": {
        "authToken": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "basic": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "coprocess": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "hmac": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "jwt": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "oauth": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        },
        "oidc": {
            "use_param": false,
            "param_name": "",
            "use_cookie": false,
            "cookie_name": "",
            "auth_header_name": "Authorization",
            "use_certificate": false,
            "validate_signature": false,
            "signature": {
                "algorithm": "",
                "header": "",
                "secret": "",
                "allowed_clock_skew": 0,
                "error_code": 0,
                "error_message": ""
            }
        }
    },
    "use_basic_auth": false,
    "basic_auth": {
        "disable_caching": false,
        "cache_ttl": 0,
        "extract_from_body": false,
        "body_user_regexp": "",
        "body_password_regexp": ""
    },
    "use_mutual_tls_auth": false,
    "client_certificates": [],
    "upstream_certificates": {},
    "pinned_public_keys": {},
    "enable_jwt": false,
    "use_standard_auth": false,
    "use_go_plugin_auth": false,
    "enable_coprocess_auth": false,
    "jwt_signing_method": "",
    "jwt_source": "",
    "jwt_identity_base_field": "",
    "jwt_client_base_field": "",
    "jwt_policy_field_name": "",
    "jwt_default_policies": [],
    "jwt_issued_at_validation_skew": 0,
    "jwt_expires_at_validation_skew": 0,
    "jwt_not_before_validation_skew": 0,
    "jwt_skip_kid": false,
    "jwt_scope_to_policy_mapping": {},
    "jwt_scope_claim_name": "",
    "notifications": {
        "shared_secret": "",
        "oauth_on_keychange_url": ""
    },
    "enable_signature_checking": false,
    "hmac_allowed_clock_skew": -1,
    "hmac_allowed_algorithms": [],
    "request_signing": {
        "is_enabled": false,
        "secret": "",
        "key_id": "",
        "algorithm": "",
        "header_list": [],
        "certificate_id": "",
        "signature_header": ""
    },
    "base_identity_provided_by": "",
    "definition": {
        "location": "header",
        "key": "x-api-version",
        "strip_path": false
    },
    "version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": "",
                "paths": {
                    "ignored": [],
                    "white_list": [],
                    "black_list": []
                },
                "use_extended_paths": true,
                "extended_paths": {},
                "global_headers": {},
                "global_headers_remove": [],
                "global_response_headers": {},
                "global_response_headers_remove": [],
                "ignore_endpoint_case": false,
                "global_size_limit": 0,
                "override_target": ""
            }
        }
    },
    "uptime_tests": {
        "check_list": [],
        "config": {
            "expire_utime_after": 0,
            "service_discovery": {
                "use_discovery_service": false,
                "query_endpoint": "",
                "use_nested_query": false,
                "parent_data_path": "",
                "data_path": "",
                "port_data_path": "",
                "target_path": "",
                "use_target_list": false,
                "cache_timeout": 60,
                "endpoint_returns_list": false
            },
            "recheck_wait": 0
        }
    },
    "proxy": {
        "preserve_host_header": false,
        "listen_path": "/key/",
        "target_url": "",
        "disable_strip_slash": false,
        "strip_listen_path": true,
        "enable_load_balancing": true,
        "target_list": [
            "http://httpbin.org/",
            "http://httpbin.org/"
        ],
        "check_host_against_uptime_tests": false,
        "service_discovery": {
            "use_discovery_service": false,
            "query_endpoint": "",
            "use_nested_query": false,
            "parent_data_path": "",
            "data_path": "",
            "port_data_path": "",
            "target_path": "",
            "use_target_list": false,
            "cache_timeout": 0,
            "endpoint_returns_list": false
        },
        "transport": {
            "ssl_insecure_skip_verify": false,
            "ssl_ciphers": [],
            "ssl_min_version": 0,
            "ssl_force_common_name_check": false,
            "proxy_url": ""
        }
    },
    "disable_rate_limit": false,
    "disable_quota": false,
    "custom_middleware": {
        "pre": [],
        "post": [],
        "post_key_auth": [],
        "auth_check": {
            "name": "",
            "path": "",
            "require_session": false,
            "raw_body_only": false
        },
        "response": [],
        "driver": "",
        "id_extractor": {
            "extract_from": "",
            "extract_with": "",
            "extractor_config": {}
        }
    },
    "custom_middleware_bundle": "",
    "cache_options": {
        "cache_timeout": 60,
        "enable_cache": true,
        "cache_all_safe_requests": false,
        "cache_response_codes": [],
        "enable_upstream_cache_control": false,
        "cache_control_ttl_header": "",
        "cache_by_headers": []
    },
    "session_lifetime": 0,
    "active": true,
    "internal": false,
    "auth_provider": {
        "name": "",
        "storage_engine": "",
        "meta": {}
    },
    "session_provider": {
        "name": "",
        "storage_engine": "",
        "meta": {}
    },
    "event_handlers": {
        "events": {}
    },
    "enable_batch_request_support": false,
    "enable_ip_whitelisting": false,
    "allowed_ips": [],
    "enable_ip_blacklisting": false,
    "blacklisted_ips": [],
    "dont_set_quota_on_create": false,
    "expire_analytics_after": 0,
    "response_processors": [],
    "CORS": {
        "enable": false,
        "allowed_origins": [],
        "allowed_methods": [],
        "allowed_headers": [],
        "exposed_headers": [],
        "allow_credentials": false,
        "max_age": 24,
        "options_passthrough": false,
        "debug": false
    },
    "domain": "",
    "certificates": [],
    "do_not_track": false,
    "tags": [],
    "enable_context_vars": false,
    "config_data": {},
    "tag_headers": [],
    "global_rate_limit": {
        "rate": 0,
        "per": 0
    },
    "strip_auth_data": false,
    "enable_detailed_recording": false,
    "graphql": {
        "enabled": false,
        "execution_mode": "",
        "schema": "",
        "type_field_configurations": [],
        "playground": {
            "enabled": false,
            "path": ""
        }
    }
}
@ilijabojanovic ilijabojanovic added the bug label Aug 6, 2020
@gernest gernest self-assigned this Aug 19, 2020
@gernest
Copy link
Member

@gernest gernest commented Sep 21, 2020

I have investigated this on the latest master. I followed the mentioned steps and failed to reproduce it.

I remember when this was first opened I was able to reproduce it, it seems someone pushed unrelated changes that addressed this issue.

I'm closing this for now, if you can still reproduce this on latest mater branch you can reopen it with new info on how to reproduce it.
@gernest gernest closed this Sep 21, 2020
@gernest gernest reopened this Sep 23, 2020
gernest added a commit that referenced this issue Sep 23, 2020
@gernest
Fix ensuring transport to upstream
Verified
This commit was signed with a verified signature.
Image gernest Geofrey Ernest
GPG key ID: 8EF131B633C24F75 Learn about signing commits
Loading status checks…
720b89e 
Fixes #3259
This refactors EnsureTransport function for properly ensuring transport
is present on the host when  load balancer is enabled.

We rely on url.Parse to do heavy lifting. We add missing Scheme field to
make sure URL.String will return a valid
upstream host.
@gernest gernest mentioned this issue Sep 23, 2020
Merged
0 of 17 tasks complete
gernest added a commit that referenced this issue Sep 25, 2020
@gernest
[TT-278] Fix ensuring transport to upstream (#3329)
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
3434dc8 
* Fix ensuring transport to upstream

Fixes #3259
This refactors EnsureTransport function for properly ensuring transport
is present on the host when  load balancer is enabled.

We rely on url.Parse to do heavy lifting. We add missing Scheme field to
make sure URL.String will return a valid
upstream host.

* use http when scheme and protocol are missing
tykbot bot pushed a commit that referenced this issue Oct 20, 2020
@gernest Tyk Bot
[TT-278] Fix ensuring transport to upstream (#3329)
Loading status checks…
d0cab35 
* Fix ensuring transport to upstream

Fixes #3259
This refactors EnsureTransport function for properly ensuring transport
is present on the host when  load balancer is enabled.

We rely on url.Parse to do heavy lifting. We add missing Scheme field to
make sure URL.String will return a valid
upstream host.

* use http when scheme and protocol are missing

(cherry picked from commit 3434dc8)
tykbot bot pushed a commit that referenced this issue Oct 20, 2020
@gernest Tyk Bot
[TT-278] Fix ensuring transport to upstream (#3329)
Loading status checks…
6f5d0e3 
* Fix ensuring transport to upstream

Fixes #3259
This refactors EnsureTransport function for properly ensuring transport
is present on the host when  load balancer is enabled.

We rely on url.Parse to do heavy lifting. We add missing Scheme field to
make sure URL.String will return a valid
upstream host.

* use http when scheme and protocol are missing

(cherry picked from commit 3434dc8)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gernest gernest

Labels
bug
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

[TT-278] Fix ensuring transport to upstream
2 participants
@gernest @ilijabojanovic
You can’t perform that action at this time.