From 3e8cd1b67d2ae93e9f11f852907d66d78bcfcefa Mon Sep 17 00:00:00 2001
From: Clark Boylan <clark.boylan@gmail.com>
Date: Fri, 7 Dec 2018 14:49:15 -0800
Subject: [PATCH] Set apache proxy-initial-not-pooled env var

We've run into what appears to be a race with apache trying to reuse a
pooled connection to a backend when that pool connection is closing.
This leads to errors like:

  [Fri Dec 07 21:44:10.752362 2018] [proxy_http:error] [pid 19073:tid 139654393218816] (20014)Internal error (specific information not available): [client 104.130.127.213:45408] AH01102: error reading status line from remote server 127.0.0.1:60999
  [Fri Dec 07 21:44:10.752405 2018] [proxy:error] [pid 19073:tid 139654393218816] [client 104.130.127.213:45408] AH00898: Error reading from remote server returned by /image/v2/images/ec31a4fd-e22b-4e97-8c6c-1ef330823fc1/file

According to the internets this can be addressed (at the cost of some
performance) by setting the proxy-initial-not-pooled env var for mod
proxy. From the mod_proxy docs:

  If this variable is set, no pooled connection will be reused if the client
  request is the initial request on the frontend connection. This avoids the
  "proxy: error reading status line from remote server" error message caused
  by the race condition that the backend server closed the pooled connection
  after the connection check by the proxy and before data sent by the proxy
  reached the backend. It has to be kept in mind that setting this variable
  downgrades performance, especially with HTTP/1.0 clients.

Closes-Bug: #1807518

Change-Id: I374deddefaa033de858b7bc15f893bf731ad7ff2
(cherry picked from commit e344c97c0eb93e1d96ca8ebe250bb08d227ef5ac)
---
 lib/tls | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/tls b/lib/tls
index e3ed3cc2ac..32544af18b 100644
--- a/lib/tls
+++ b/lib/tls
@@ -543,6 +543,9 @@ $listen_string
     LimitRequestFieldSize $f_header_size
     RequestHeader set X-Forwarded-Proto "https"
 
+    # Avoid races (at the cost of performance) to re-use a pooled connection
+    # where the connection is closed (bug 1807518).
+    SetEnv proxy-initial-not-pooled
     <Location />
         ProxyPass http://$b_host:$b_port/ retry=0 nocanon
         ProxyPassReverse http://$b_host:$b_port/