API giving 503 service unavailable when ConcurrentRateLimit policy is placed


Hi

I have attached ConcurrentRateLimit policy to protect my backend as described below

http://docs.apigee.com/api-services/reference/concurrent-rate-limit-policy

Now when my API from the backend returns 404 (Not Found), the ConcurrentRateLimit policy fails in the Response Flow at the TargetEndpoint and converts it into 503 (Service Unavailable), which is incorrect.

I am attaching the proxy bundle and the trace session. Please advise

Thanks

concurrent-issue.zip

5 REPLIES

Not applicable

@GAURAV, Whenever there is a fault executing the CRL policy, it responds with 503 by default.

I see the below interesting thing in your trace file which I think is causing the policy to raise a fault. Is this on cloud or private cloud?

More info here https://docs.oracle.com/javase/7/docs/api/java/lang/IllegalMonitorStateException.html

cc @Peter Johnson @Vedanth Bhangale any thoughts on how to fix this?

<Properties>
    <Property name="error">null</Property>
    <Property name="type">ErrorPoint</Property>
    <Property name="state">TARGET_RESP_FLOW</Property>
    <Property name="error.class">java.lang.IllegalMonitorStateException</Property>
</Properties>
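Added example, not part of the original thread or of Apigee's tooling: a small Python scan of a saved trace for `ErrorPoint` property blocks like the one quoted above, to tell a policy runtime exception apart from a genuine backend status. The `<Trace>`/`<Point>` wrapper elements, the `StateChange` block and the function names are assumptions made for this sample; only the `ErrorPoint` block comes from the thread.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the ErrorPoint <Properties> block is the one quoted in
# the thread; the <Trace>/<Point> wrappers and the first block are assumptions.
SAMPLE_TRACE = """<Trace>
  <Point>
    <Properties>
      <Property name="type">StateChange</Property>
      <Property name="state">TARGET_REQ_FLOW</Property>
    </Properties>
  </Point>
  <Point>
    <Properties>
      <Property name="error">null</Property>
      <Property name="type">ErrorPoint</Property>
      <Property name="state">TARGET_RESP_FLOW</Property>
      <Property name="error.class">java.lang.IllegalMonitorStateException</Property>
    </Properties>
  </Point>
</Trace>"""


def find_error_points(trace_xml):
    """Return one dict per <Properties> block whose type is ErrorPoint."""
    root = ET.fromstring(trace_xml)
    hits = []
    # iter() walks the whole tree, so the enclosing element names do not matter.
    for props in root.iter("Properties"):
        fields = {p.get("name"): (p.text or "").strip()
                  for p in props.findall("Property")}
        if fields.get("type") == "ErrorPoint":
            hits.append({
                "state": fields.get("state"),
                "error_class": fields.get("error.class"),
                "error": fields.get("error"),
            })
    return hits


def runtime_faults(trace_xml):
    """Error points caused by a Java exception, not by a backend status code."""
    return [h for h in find_error_points(trace_xml)
            if h["error_class"] and h["error_class"].startswith("java.")]


if __name__ == "__main__":
    for hit in runtime_faults(SAMPLE_TRACE):
        print(f'{hit["state"]}: {hit["error_class"]}')
```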

It's private cloud, and this is happening whenever the backend API responds with an HTTP status other than 200. So my point is: why is the ConcurrentRateLimit policy failing when the API responds with 404 or an HTTP status other than 200, when it has nothing to do with concurrency?

Attaching the screenshots for success and failure.

If you see there is one policy (AM-RemoveResponseSetCookieHeader) before CRL which executes in case of success but it doesn't execute in case of failure (404), it's just for FYI.

200-success.jpg

404-error.jpg

@Gaurav,

1. I have been able to reproduce this behaviour with a simple API Proxy locally. Will investigate further and get back to you.

2. When you get the 404 or any other non 200 response code from the backend server, we get into error flow, so the AM-RemoveResponseSetCookieHeader policy does not run. However, the CRL policy is there in error flow (DefaultFaultRule) as well, so it gets executed even when we get an error response code from the backend server.

Not applicable

Have there been any further updates/resolution to this issue? I am encountering the same problem with ConcurrentRateLimit when a non-200 response code is returned by the backend server.

@GAURAV and @Viji Sarathy

When we get an error response for an API with the Concurrent Rate Limit policy, we were getting java.lang.IllegalMonitorStateException, and a 503 Service Unavailable error was being returned irrespective of what error response we get for the actual API. This issue has now been fixed in the latest Private Cloud release, 4.17.09. Please test and verify with this release.