This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Endpoint Error Handling
This page describes error handling for endpoints. It contains the following sections:
Overview
The last step of a message processing inside WSO2 Enterprise Service Bus is to send the message to a service provider (see also Mediating Messages) by sending the message to a listening service endpoint. During this process, transport errors can occur. For example, the connection might time out, or it might be closed by the actual service. Therefore, endpoint error handling is a key part of any successful ESB deployment.
Messages can fail or be lost due to various reasons in a real TCP network. When an error occurs, if the ESB is not configured to accept the error, it will mark the endpoint as failed, which leads to a message failure. By default, the endpoint is marked as failed for quite a long time, and due to this error, subsequent messages can get lost.
To avoid lost messages, you configure error handling at the endpoint level. You should also run a few long-running load tests to discover errors and fine-tune the endpoint configurations for errors that can occur intermittently due to various reasons.
For information on general error handling and error codes in the ESB, see Error Handling.
Endpoint states
At any given time, the state of the endpoint can be one of the following:
State | Description |
|---|---|
Endpoint is running and handling requests. | |
Endpoint encountered an error but can still send and receive messages. If it continues to encounter errors, it will be suspended. | |
Endpoint encountered errors and cannot send or receive messages. Incoming messages to a suspended endpoint result in a fault. | |
OFF | Endpoint is not active. To put an endpoint into the OFF state, or to move it from OFF to Active, you must use JMX. |
Active
When WSO2 Enterprise Service Bus starts, endpoints are in the "Active" state and ready to handle messages. If the user does not put the endpoint into the OFF state, it will be in the "Active" state until an error occurs.
The endpoint can be configured to stay in the "Active" state or to go to "Timeout" or "Suspended" based on the error codes you configure for those states. When an error occurs, the endpoint checks to see whether it is a "Timeout" error first, and if not, it checks to see whether it is a "Suspended" error. If the error is not defined for either "Timeout" or "Suspended," the error will be ignored and the endpoint will stay Active.
Timeout
When an endpoint is in the "Timeout" state, it will continue to attempt to receive messages until one message succeeds or the maximum retry setting has been reached. If the maximum is reached at which point the endpoint is marked as "Suspended." If one message succeeds, the endpoint is marked as "Active."
For example, let's assume the number of retries is set to 3. When an error occurs and the endpoint is set to the "Timeout" state, the ESB can try to send up to three more messages to the endpoint. If the next three messages sent to this endpoint result in an error, the endpoint is put in the "Suspended" state. If one of the messages succeeds before the retry maximum is met, the endpoint will be marked as "Active."
Suspended
A "Suspended" endpoint cannot send or receive messages. When an endpoint is put into this state, the ESB waits until after an initial duration has elapsed (default is 30 seconds) before attempting to send messages to this endpoint again. If the message succeeds, the endpoint is marked as "Active." If the next message fails, the endpoint is marked as "Suspended" or "Timeout" depending on the error, and the ESB waits before retrying messages using the following formula:
Min(current suspension duration * progressionFactor, maximumDuration)
You configure the initial suspension duration, progression factor, and maximum duration as part of the suspendOnFailure settings. On each retry, the suspension duration increases, up to the maximum duration.
Configuring leaf endpoints
The following is the configuration for the address endpoint. Since we all are only interested in error configurations, the same applies for WSDL endpoints as well. The error handling configuration are as follows:
<address uri="endpoint address" [format="soap11|soap12|pox|get"]
[optimize="mtom|swa"] [encoding="charset encoding"]
[statistics="enable|disable"] [trace="enable|disable"]>
<enableRM [policy="key"]/>?
<enableSec [policy="key"]/>?
<enableAddressing [version="final|submission"] [separateListener="true|false"]/>?
<timeout>
<duration>timeout duration in seconds</duration>
<responseAction>discard|fault|never</responseAction>
</timeout>?
<markForSuspension>
[<errorCodes>xxx,yyy</errorCodes>]
<retriesBeforeSuspension>m</retriesBeforeSuspension>
<retryDelay>d</retryDelay>
</markForSuspension>
<suspendOnFailure>
[<errorCodes>xxx,yyy</errorCodes>]
<initialDuration>n</initialDuration>
<progressionFactor>r</progressionFactor>
<maximumDuration>l</maximumDuration>
</suspendOnFailure>
</address>
"Timeout" settings
Name | Values | Default | Description |
|---|---|---|---|
duration | Miliseconds | 60000 | Connection timeout interval. If the remote endpoint does not respond in this time, it will be marked as "Timeout." |
responseAction | discard, fault, never | never | When a response comes to a timed out request, specifies whether to discard it or invoke the fault handler. If you select "never", the endpoint remains in the "Active" state. |
"MarkForSuspension" settings
Name | Values | Default | Description |
|---|---|---|---|
errorCodes | Comma separated list of error codes | 101504, 101505 | Errors that put the endpoint into the "Timeout" state. If no error codes are specified, the "HTTP Connection Closed" and "HTTP Connection Timeout" errors are considered "Timeout" errors, and all other errors put the endpoint into the "Suspended" state. |
retriesBeforeSuspension | Integer | 0 | In the "Timeout" state this number of requests minus one can be tried and fail before the endpoint is marked as "Suspended". This setting is per endpoint, not per message, so several messages can be tried in parallel and fail and the remaining retries for that endpoint will be reduced. |
retryDelay | milliseconds | 0 | The time to wait between the last retry attempt and the next retry. |
'suspendOnFailure' settings
Name | Values | Default | Description |
|---|---|---|---|
errorCodes | Comma separated list of error codes | All the errors except the errors specified in | Errors that send the endpoint into the "Suspended" state. |
initialDuration | milliseconds | 30000 | After an endpoint gets "Suspended," it will wait for this amount of time before trying to send the messages coming to it. All the messages coming during this time period will result in fault sequence activation. |
progressionFactor | Integer | 1 | The endpoint will try to send the messages after the
|
maximumDuration | milliseconds | Long.MAX_VALUE | Upper bound of retry duration. |
Sample Configuration:
<endpoint name="Sample_First" statistics="enable" >
<address uri="http://localhost/myendpoint" statistics="enable" trace="disable">
<timeout>
<duration>60000</duration>
</timeout>
<markForSuspension>
<errorCodes>101504, 101505</errorCodes>
<retriesBeforeSuspension>3</retriesBeforeSuspension>
<retryDelay>1</retryDelay>
</markForSuspension>
<suspendOnFailure>
<errorCodes>101500, 101501, 101506, 101507, 101508</errorCodes>
<initialDuration>1000</initialDuration>
<progressionFactor>2</progressionFactor>
<maximumDuration>60000</maximumDuration>
</suspendOnFailure>
</address>
</endpoint>
In this example, the errors 101504 and 101505 move the endpoint into the "Timeout" state. At that point, three requests can fail for one of these errors before the endpoint is moved into the "Suspended" state. Additionally, errors 101500, 101501, 101506, 101507, and 101508 will put the endpoint directly into the "Suspended" state. The error 101503 is not listed, so if a 101503 error occurs, the endpoint will remain in the "Active" state.