Magento2: nginx config & varnish 4 vcl 503 backend fetch failed
Preconditions
Magento 2.2.0 RC1.1
Magento 2.2.0 RC1.2
Steps to reproduce
I followed this guide:
https://www.rosehosting.com/blog/magento-2-with-redis-varnish-and-nginx-as-ssl-termination/
Expected result
A working magento 2...
Actual result
503 backend fetch failed
Varnishlog:
- Begin bereq 9 fetch
- Timestamp Start: 1499414900.021832 0.000000 0.000000
- BereqMethod GET
- BereqURL /
- BereqProtocol HTTP/1.1
- BereqHeader Host: testhost
- BereqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0
- BereqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- BereqHeader Accept-Language: nl,en-US;q=0.7,en;q=0.3
- BereqHeader Cookie: mage-translation-storage=%7B%7D; mage-translation-file-version=%7B%7D; form_key=wnJxYLGqvzy2oP3v; mage-cache-storage=%7B%7D; mage-cache-storage-section-invalidation=%7B%7D; mage-cache-sessid=true; mage-messages=; section_data_ids=%7B%22cart%22%3A
- BereqHeader Upgrade-Insecure-Requests: 1
- BereqHeader X-Forwarded-For: 89.255.20.154
- BereqHeader grace: none
- BereqHeader Accept-Encoding: gzip
- BereqHeader X-Varnish: 10
- VCL_call BACKEND_FETCH
- VCL_return fetch
- FetchError no backend connection
- Timestamp Beresp: 1499414900.021905 0.000074 0.000074
- Timestamp Error: 1499414900.021909 0.000078 0.000004
- BerespProtocol HTTP/1.1
- BerespStatus 503
- BerespReason Service Unavailable
- BerespReason Backend fetch failed
- BerespHeader Date: Fri, 07 Jul 2017 08:08:20 GMT
- BerespHeader Server: Varnish
- VCL_call BACKEND_ERROR
- BerespHeader Content-Type: text/html; charset=utf-8
- BerespHeader Retry-After: 5
- VCL_return deliver
- Storage malloc Transient
- ObjProtocol HTTP/1.1
- ObjStatus 503
- ObjReason Backend fetch failed
- ObjHeader Date: Fri, 07 Jul 2017 08:08:20 GMT
- ObjHeader Server: Varnish
- ObjHeader Content-Type: text/html; charset=utf-8
- ObjHeader Retry-After: 5
- Length 279
- BereqAcct 0 0 0 0 0 0
- End
* << Request >> 9
- Begin req 8 rxreq
- Timestamp Start: 1499414900.021749 0.000000 0.000000
- Timestamp Req: 1499414900.021749 0.000000 0.000000
- ReqStart 89.255.20.154 61512
- ReqMethod GET
- ReqURL /
- ReqProtocol HTTP/1.1
- ReqHeader Host: testhost
- ReqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0
- ReqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- ReqHeader Accept-Language: nl,en-US;q=0.7,en;q=0.3
- ReqHeader Accept-Encoding: gzip, deflate
- ReqHeader Cookie: mage-translation-storage=%7B%7D; mage-translation-file-version=%7B%7D; form_key=wnJxYLGqvzy2oP3v; mage-cache-storage=%7B%7D; mage-cache-storage-section-invalidation=%7B%7D; mage-cache-sessid=true; mage-messages=; section_data_ids=%7B%22cart%22%3A
- ReqHeader Connection: keep-alive
- ReqHeader Upgrade-Insecure-Requests: 1
- ReqHeader Cache-Control: max-age=0
- ReqHeader X-Forwarded-For: 89.255.20.154
- VCL_call RECV
- ReqHeader grace: none
- ReqURL /
- ReqUnset Accept-Encoding: gzip, deflate
- ReqHeader Accept-Encoding: gzip
- ReqURL /
- ReqURL /
- ReqURL /
- VCL_return hash
- VCL_call HASH
- VCL_return lookup
- VCL_call MISS
- VCL_return fetch
- Link bereq 10 fetch
- Timestamp Fetch: 1499414900.021973 0.000225 0.000225
- RespProtocol HTTP/1.1
- RespStatus 503
- RespReason Backend fetch failed
- RespHeader Date: Fri, 07 Jul 2017 08:08:20 GMT
- RespHeader Server: Varnish
- RespHeader Content-Type: text/html; charset=utf-8
- RespHeader Retry-After: 5
- RespHeader X-Varnish: 9
- RespHeader Age: 0
- RespHeader Via: 1.1 varnish-v4
- VCL_call DELIVER
- RespUnset Age: 0
- RespUnset Server: Varnish
- RespUnset X-Varnish: 9
- RespUnset Via: 1.1 varnish-v4
- VCL_return deliver
- Timestamp Process: 1499414900.021998 0.000249 0.000025
- RespHeader Content-Length: 279
- Debug "RES_MODE 2"
- RespHeader Connection: keep-alive
- Timestamp Resp: 1499414900.022022 0.000273 0.000024
- ReqAcct 646 0 646 175 279 454
- End
* << Session >> 8
- Begin sess 0 HTTP/1
- SessOpen 89.255.20.154 61512 :80 123.456.789.112 80 1499414900.020723 15
- Link req 9 rxreq
- SessClose REM_CLOSE 5.050
- End
I changed the base url of magento to port 8080, and it was working as normally.
Also:
wget host:8080
connected. HTTP request sent, awaiting response... 302 Found
Fix
After i used the old varnish.vcl from Magento 2.1.7 or earlier. Everything worked as normal.
Old not working varnish.vcl (Magento 2.2.0 RC1.2):
vcl 4.0;
import std;
# The minimal Varnish version is 4.0
# For SSL offloading, pass the following header in your proxy server or load balancer: 'X-Forwarded-Proto: https'
backend default {
.host = "localhost";
.port = "8080";
.first_byte_timeout = 600s;
.probe = {
.url = "/pub/health_check.php";
.timeout = 2s;
.interval = 5s;
.window = 10;
.threshold = 5;
}
}
acl purge {
"localhost";
}
sub vcl_recv {
if (req.method == "PURGE") {
if (client.ip !~ purge) {
return (synth(405, "Method not allowed"));
}
# To use the X-Pool header for purging varnish during automated deployments, make sure the X-Pool header
# has been added to the response in your backend server config. This is used, for example, by the
# capistrano-magento2 gem for purging old content from varnish during it's deploy routine.
if (!req.http.X-Magento-Tags-Pattern && !req.http.X-Pool) {
return (synth(400, "X-Magento-Tags-Pattern or X-Pool header required"));
}
if (req.http.X-Magento-Tags-Pattern) {
ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
}
if (req.http.X-Pool) {
ban("obj.http.X-Pool ~ " + req.http.X-Pool);
}
return (synth(200, "Purged"));
}
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
# We only deal with GET and HEAD by default
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
# Bypass shopping cart, checkout and search requests
if (req.url ~ "/checkout" || req.url ~ "/catalogsearch") {
return (pass);
}
# Bypass health check requests
if (req.url ~ "/pub/health_check.php") {
return (pass);
}
# Set initial grace period usage status
set req.http.grace = "none";
# normalize url in case of leading HTTP scheme and domain
set req.url = regsub(req.url, "^http[s]?://", "");
# collect all cookies
std.collect(req.http.Cookie);
# Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|flv)$") {
# No point in compressing these
unset req.http.Accept-Encoding;
} elsif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
unset req.http.Accept-Encoding;
}
}
# Remove Google gclid parameters to minimize the cache objects
set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA"
set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar"
set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
# Static files caching
if (req.url ~ "^/(pub/)?(media|static)/.*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|html|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|tiff|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)$") {
# Static files should not be cached by default
return (pass);
# But if you use a few locales and don't use CDN you can enable caching static files by commenting previous line (#return (pass);) and uncommenting next 3 lines
#unset req.http.Https;
#unset req.http.X-Forwarded-Proto;
#unset req.http.Cookie;
}
return (hash);
}
sub vcl_hash {
if (req.http.cookie ~ "X-Magento-Vary=") {
hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "\1"));
}
# For multi site configurations to not cache each other's content
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
# To make sure http users don't see ssl warning
if (req.http.X-Forwarded-Proto) {
hash_data(req.http.X-Forwarded-Proto);
}
}
sub vcl_backend_response {
set beresp.grace = 3d;
if (beresp.http.content-type ~ "text") {
set beresp.do_esi = true;
}
if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") {
set beresp.do_gzip = true;
}
# cache only successfully responses and 404s
if (beresp.status != 200 && beresp.status != 404) {
set beresp.ttl = 0s;
set beresp.uncacheable = true;
return (deliver);
} elsif (beresp.http.Cache-Control ~ "private") {
set beresp.uncacheable = true;
set beresp.ttl = 86400s;
return (deliver);
}
if (beresp.http.X-Magento-Debug) {
set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
}
# validate if we need to cache it and prevent from setting cookie
# images, css and js are cacheable by default so we have to remove cookie also
if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) {
unset beresp.http.set-cookie;
if (bereq.url !~ "\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|html|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|tiff|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?|$)") {
set beresp.http.Pragma = "no-cache";
set beresp.http.Expires = "-1";
set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
}
}
# If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass
if (beresp.ttl <= 0s ||
beresp.http.Surrogate-control ~ "no-store" ||
(!beresp.http.Surrogate-Control && beresp.http.Vary == "*")) {
# Mark as Hit-For-Pass for the next 2 minutes
set beresp.ttl = 120s;
set beresp.uncacheable = true;
}
return (deliver);
}
sub vcl_deliver {
if (resp.http.X-Magento-Debug) {
if (resp.http.x-varnish ~ " ") {
set resp.http.X-Magento-Cache-Debug = "HIT";
set resp.http.Grace = req.http.grace;
} else {
set resp.http.X-Magento-Cache-Debug = "MISS";
}
} else {
unset resp.http.Age;
}
unset resp.http.X-Magento-Debug;
unset resp.http.X-Magento-Tags;
unset resp.http.X-Powered-By;
unset resp.http.Server;
unset resp.http.X-Varnish;
unset resp.http.Via;
unset resp.http.Link;
}
sub vcl_hit {
if (obj.ttl >= 0s) {
# Hit within TTL period
return (deliver);
}
if (std.healthy(req.backend_hint)) {
if (obj.ttl + 300s > 0s) {
# Hit after TTL expiration, but within grace period
set req.http.grace = "normal (healthy server)";
return (deliver);
} else {
# Hit after TTL and grace expiration
return (fetch);
}
} else {
# server is not healthy, retrieve from cache
set req.http.grace = "unlimited (unhealthy server)";
return (deliver);
}
}
Working varnish.vcl:
vcl 4.0;
import std;
# The minimal Varnish version is 4.0
# For SSL offloading, pass the following header in your proxy server or load balancer: 'X-Forwarded-Proto: https'
backend default {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
"127.0.0.1";
}
sub vcl_recv {
if (req.method == "PURGE") {
if (client.ip !~ purge) {
return (synth(405, "Method not allowed"));
}
if (!req.http.X-Magento-Tags-Pattern) {
return (synth(400, "X-Magento-Tags-Pattern header required"));
}
ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
return (synth(200, "Purged"));
}
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
# We only deal with GET and HEAD by default
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
# Bypass shopping cart, checkout and search requests
if (req.url ~ "/checkout" || req.url ~ "/catalogsearch") {
return (pass);
}
# normalize url in case of leading HTTP scheme and domain
set req.url = regsub(req.url, "^http[s]?://", "");
# collect all cookies
std.collect(req.http.Cookie);
# Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|flv)$") {
# No point in compressing these
unset req.http.Accept-Encoding;
} elsif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
unset req.http.Accept-Encoding;
}
}
# Remove Google gclid parameters to minimize the cache objects
set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA"
set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar"
set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
# static files are always cacheable. remove SSL flag and cookie
if (req.url ~ "^/(pub/)?(media|static)/.*\.(ico|css|js|jpg|jpeg|png|gif|tiff|bmp|mp3|ogg|svg|swf|woff|woff2|eot|ttf|otf)$") {
unset req.http.Https;
unset req.http.X-Forwarded-Proto;
unset req.http.Cookie;
}
return (hash);
}
sub vcl_hash {
if (req.http.cookie ~ "X-Magento-Vary=") {
hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "\1"));
}
# For multi site configurations to not cache each other's content
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
# To make sure http users don't see ssl warning
if (req.http.X-Forwarded-Proto) {
hash_data(req.http.X-Forwarded-Proto);
}
/* {{ design_exceptions_code }} */
}
sub vcl_backend_response {
if (beresp.http.content-type ~ "text") {
set beresp.do_esi = true;
}
if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") {
set beresp.do_gzip = true;
}
# cache only successfully responses and 404s
if (beresp.status != 200 && beresp.status != 404) {
set beresp.ttl = 0s;
set beresp.uncacheable = true;
return (deliver);
} elsif (beresp.http.Cache-Control ~ "private") {
set beresp.uncacheable = true;
set beresp.ttl = 86400s;
return (deliver);
}
if (beresp.http.X-Magento-Debug) {
set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
}
# validate if we need to cache it and prevent from setting cookie
# images, css and js are cacheable by default so we have to remove cookie also
if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) {
unset beresp.http.set-cookie;
if (bereq.url !~ "\.(ico|css|js|jpg|jpeg|png|gif|tiff|bmp|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|woff|woff2|eot|ttf|otf)(\?|$)") {
set beresp.http.Pragma = "no-cache";
set beresp.http.Expires = "-1";
set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
set beresp.grace = 1m;
}
}
# If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass
if (beresp.ttl <= 0s ||
beresp.http.Surrogate-control ~ "no-store" ||
(!beresp.http.Surrogate-Control && beresp.http.Vary == "*")) {
# Mark as Hit-For-Pass for the next 2 minutes
set beresp.ttl = 120s;
set beresp.uncacheable = true;
}
return (deliver);
}
sub vcl_deliver {
if (resp.http.X-Magento-Debug) {
if (resp.http.x-varnish ~ " ") {
set resp.http.X-Magento-Cache-Debug = "HIT";
} else {
set resp.http.X-Magento-Cache-Debug = "MISS";
}
} else {
unset resp.http.Age;
}
unset resp.http.X-Magento-Debug;
unset resp.http.X-Magento-Tags;
unset resp.http.X-Powered-By;
unset resp.http.Server;
unset resp.http.X-Varnish;
unset resp.http.Via;
unset resp.http.Link;
}
FrameworCache
Fixed in 2.2.x
Clear Description
Confirmed
Format is valid
Ready for Work
bug report
xptwaalf
🎉2
All 13 comments
@xptwaalf can you provide your log file output? Also, it would help if you post the new and the old nginx and varnish config files (those that work and those that do not).
One more thing to try: can you try the fetch without varnish and confirm that your web server returns a successful response? Normally varnish will return 503 when the web server itself is returning a 500 or similar.
misha-kotov
on 6 Jul 2017
Update - i tried it aigan, saved the logs here. Apparently the nignx.conf.sample had nothing to do with it. just the varnish.vcl.
xptwaalf
on 7 Jul 2017
👍1
Reproduced the same error with a different basis VCL (it was some advanced VCL stuff mixed with relevant Magento-Directives. I also had a probe in the backend node, which seemed to cause trouble.
Using the working VCL in this issue has solved the problem for me as well.
grasdaggel
on 23 Aug 2017
The web server configuration for NGINX and Apache2 would need to be changed to allow access to /health_check.php.
Currently https://github.com/magento/magento2/blob/9c98f61b03f06153dcd01cce00f2b9af52fe2ba3/nginx.conf.sample#L165 isn't matched, so health_check.php falls into this location: https://github.com/magento/magento2/blob/9c98f61b03f06153dcd01cce00f2b9af52fe2ba3/nginx.conf.sample#L202-L204 - which would then deny access to varnish for the healthcheck and varnish would mark the backend as sick.
kierenevans
on 25 Aug 2017
👍3
Thanks, internal issue filed under MAGETWO-72232
misha-kotov
on 1 Sep 2017
I believe this problem is related to the use of the deprecated return(fetch) in vcl_hit.
return(fetch) should be replaced with return(miss).
To be confirmed.
farinexquebec
on 18 Oct 2017
Same issue with Varnish 5.0, Magento 2.2, and nginx.
So in my case, Varnish was immediately reporting "503 backend fetch failed" with the same "no backend connection" error in varnishlog, and it turned out it was due to the probe for health_check.php returning a 404 error.
Simple solution - the probe in Magento's VCL conf file is pointing to the wrong address, seeing as nginx.conf.sample sets the root to /pub already.
.probe = {
.url = "/pub/health_check.php";
````
should be:
.probe = {
.url = "/health_check.php";
I also had to allow health_check.php in the nginx conf file, as kierenevans stated above.
location ~ (index|get|static|report|404|503|health_check).php$ {
```
Edit: just noticed that the "/pub" address problem is also referenced in #11692. Is this a duplicate, or is OP having the same symptoms with a different cause?
thatwill
on 28 Oct 2017
👍11
Fixed the missing health_check.php in https://github.com/magento/magento2/commit/73178d87e5bc719c57e4dc874de3a4e62977e2bd
andrewhowdencom
on 1 Nov 2017
Hi @andrewhowdencom Thank you for the fix. It was delivered with 2.2.2. release
okorshenko
on 13 Dec 2017
Coming to Magento 2.3, we have the same issue.
Converting .url = "/pub/health_check.php"; to .url = "/health_check.php"; FIXED the issue.
MagePsycho
on 6 Feb 2019
Can confirm that a fresh install of Magento 2.3 (from composer) have the same issue as @MagePsycho mentioned.
Jerry-Yocupco
on 12 Mar 2019
The additional /pub issue is https://github.com/magento/magento2/issues/11692
andrewhowdencom
on 18 Mar 2019
I read the thread and looks helpful.
In my case, I am using Magneto DevOps. And many people are asking to simply remove the maintenance flag.
But I am a bit scared to do that. This tutorial mentions the same.
https://www.hows.tech/2019/07/error-503-backend-fetch-failed.html
Shall I go for it?
scdroid13
on 2 Jul 2019
Was this page helpful?
0 / 5 - 0 ratings
Related issues
fvillata
路
3Comments
andreaskoch
路
3Comments
algostore
路
3Comments
PushEngineering
路
3Comments
punkstar
路
3Comments
Most helpful comment
Same issue with Varnish 5.0, Magento 2.2, and nginx.
So in my case, Varnish was immediately reporting "503 backend fetch failed" with the same "no backend connection" error in varnishlog, and it turned out it was due to the probe for health_check.php returning a 404 error.
Simple solution - the probe in Magento's VCL conf file is pointing to the wrong address, seeing as
nginx.conf.samplesets the root to /pub already.location ~ (index|get|static|report|404|503|health_check).php$ {
```
Edit: just noticed that the "/pub" address problem is also referenced in #11692. Is this a duplicate, or is OP having the same symptoms with a different cause?