Re: API call fails from the REST application

sundarprince86 · 07-08-2021 07:36 AM

Hi Team,

We have a list of virtual host for non prod and prod environment. We have a Talend Application cluster running on AWS environment. When user is trying to make an API call from Talend application they get the following error. If we make an API call from the instance without using application sometimes it works like 5 jobs are passing out of 27 jobs.

Error: Caused by: java.net.SocketException: SocketException invoking https://virtualhost/v1/data: Unexpected end of file from server

If they make an API call directly to a third party API instead of using Apigee virtual host it is working seamlessly. If we try to use them using apigee virtual host it fails. We tried to increase the proxy read timeout and proxy keepalive timeout in virtual host but didn't help as expected.

Commands used through virtual host which doesn't work

curl -x proxy:port --proxy-user ${user}:${key} --data "client_id=REDACTED&client_secret=${apiPassword}&grant_type=client_credentials" -L https://virtualhost/v1/token

curl -x proxy:port --proxy-user ${user}:${key} -H "Authorization: Bearer ${access_token}" https://virtualhost/v1/data -d "{requests:[{ url:'REDACTED', method: 'GET'}]}" > test_extract.txt

Commands used for third party API directly from Instance which is working fine

curl -x proxy:port --proxy-user ${user}:${key} -H 'Authorization: ApiKey ${API_Key}' -L "https://thirdpartyapis/v2.0/services/bulk/execute " -d "{requests:[{url:'REDACTED', method: 'GET'}]}"

dchiesa1

Sorry you're having trouble.

What version of Apigee are you using? OPDK? Apigee Edge? Apigee X? something else?

I am not clear what Talend does. Is that a cluster manager like Kubernetes?

What does this mean:

If we make an API call from the instance without using application

? Does "without using application" mean, using curl, from a terminal on the VM instance?

From your curl commands I guess you you are using an HTTP proxy from that instance. Could that be the problem?

Can you invoke the Apigee endpoint from systems other than your Talend cluster? I don't suppose it is a timeout in Apigee - you would have investigated that separately.

Guessing from the error message, the Talend cluster is hosting a Java-based app. The SocketException can occur in a Java app when the TLS negotiation fails, among other reasons. Have you checked the TLS connection? Does the Apigee endpoint have 2-way TLS? And if so does your Java client have the proper keys and certs configured to make that work? Are you using a modern Java JRE? At least Java8 with all updates (u221)? Or later?

If you have 1-way or 2-way TLS on the Apigee endpoint, can you try...setting up another endpoint, another vhost in Apigee that does not use TLS? And see if you can invoke THAT from your Talend instance? If you can get that working , it demonstrates network connectivity. After you succeed there, then get the 1-way TLS connection working. This may require updating your Java JRE, and your cacerts file. You may want to write a custom test tool in Java in order to facilitate this - all it will do is connect and make a single API call. But it will verify the TLS and network.

After that, if you need 2-way TLS, then proceed to that.

Stepwise, you can work through it and solve the problem.

sundarprince86

We use Apigee edge and Talend application runs on a AWS EC2 instances which forms a cluster. We use one way TLS on virtual host. I will try to create a new virtual host and check whether it eliminates any issue. talend is a java based application just fyi

I will check the remaining things from my end and come back to you.

Talend job/curl -> EC2 instance -> SQUID proxy -> APIGEE -> backend

Denis_KALITVI

It seems like something in the way closing the socket\network connection before all data returned back to the client.

You have something like this, right?: where client = talend, virtualhost = Apigee

This way you get the unexpected EOF, while if you remove the 'virtual host' cube, it all works.

From here, can you tell us what is the API needs to return? Is it streaming file, bulk(long response) or what?

What can you see in your Apigee trace when you do this, where EOF error comes from? From Apigee or from the backend in the trace palette? If you get 502, I think this might help you: https://docs.apigee.com/api-platform/troubleshoot/runtime/502-bad-gateway

Your backend closes the stream before all data passed to Apigee, imo.