-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do statuses have a 1:1 relationship to HTTP response codes? #57
Comments
No, relationship is not 1:1. It assumes certain ranges correspond to certain status values, but no 1:1 mapping exists. Per specification:
|
Your example |
Some of the shown mappings have serious issues. And the main reason lies in a misunderstanding about what level of information HTTP status codes represent. HTTP status codes mostly represent "wire". But when transmitting health status information over HTTP, one has to treat HTTP as OSI Layer 5 Session, not OSI Layer 7 Application. Trying to convey information about the content of the health resource instead of the wire of the health resource is conflating things in HTTP and may break clients. Here's the details:
I hope that this explains why I think that mapping health status to response codes is not a good idea. |
@christianhujer you are disagreeing with the wrong part of the specification. It's not about just some of the values of the mappings, you are questioning the entire approach of using response code of a single endpoint as an indicator of health for the entire API (several endpoints forming a logical "API" that the health endpoint represents). This is explicitly documented in RFC:
Yes, it is s true that status codes in HTTP per se represent the information about the specific URI and don't act as stand-ins for other resources at other URIs. However (!) and this is critical: doing so in the case of health endpoints has been a common practice for decades. For the sake of acknowledging reality and backwards compatibility with the existing tooling, the responsible thing for this RFC is to follow the established pattern. As a matter of fact, acknowledging this existing pattern is the only reason this RFC even discusses HTTP response codes. In its pure form this RFC is about message format and has nothing to do with HTTP or response codes (it's totally fine to use it with TCP, for instance). But when you have clearly existing industry behavior, we felt it would have been a mistake of omission to not acknowledge it in this RFC. Practicality and backwards compatibility > theoretical purity. |
I think the spec is fine. Infering from Just reusing |
OK Not sure what is special about [302,307]. In this spec "warning" is defined as "pass, but things are getting worse so pay attention", so http response code-wise "pass" and "warning" are the same thing, only in the message do we differentiate. Given that, if 302,307 are ok for "pass", why are you concerned for "warning"? Warning is not defined as a "light error". I am not sure I follow where 302,307 is a concern. Thank you. |
From what I understand of this conversation, it seems that the concern being raised is whether or not this spec implies that 302 and 307 have additional semantics which an implementation needs to take into account. If an HTTP client used in an implementation is configured to automatically follow redirects, the health-check implementation might not get an opportunity to respond to a 302 or 307 and interpret it according to this specification. I guess the thing which may be missing is how the usual semantics of redirects from a |
If In general, any "re-interpretation" of existing response codes by a new spec that is incompatible with the actual specification in HTTP/1.1 or HTTP/2 risks breaking existing user agents and makes the lives of programmers who would expect that they can simply use normal HTTP clients to access What exactly makes "302 Found" or "307 Temporary Redirect" good candidates to indicate |
As a resolution, this spec could just explicitly require that all responses should otherwise comply with the HTTP specifications (this spec may already do this--I have not confirmed). This would imply the Location header would need to be included in case the response code is |
Thanks for all the feedback, but I feel the conversation has been distracted with the example status codes I used (granted that was my fault). But I'm and still unclear how the codes map to the textual statuses. Maybe further examples will clarify what I mean:
|
IMHO clearly not 2 or 3. That's not how HTTP works, and the spec has to be compatible with HTTP. |
307 Temporary Redirect seems just fine provided a redirect location is actually used that returns something meaningful. I don't see any conflict in letter or spirit to the HTTP spec. We do redirects precisely because the server is asked for resources it can't faithfully provide per how it defines those resources. The server can decide what criteria justifies the existence of the /health resource. When those criteria aren't met, the server can say "well you wanted the good news, but I'm redirecting you to the not so good news". Redirect says the resource requested isn't available, but a viable substitute is. For example, GET /health might redirect to /health_warnings. A client who wishes to know what those health_warnings are could then follow the redirect and get an application/health+json document. Since detailing the degraded health might be expensive, a polite client that doesn't need that information might decide not to follow the redirect. 202 Accepted is also interesting if you want to differentiate from 200 OK for good health. Differentiating by response code makes it really convenient to use monitoring tools to compute "good" state availability and not just the "up" state availability. |
We've had this discussion in our team. In a nutshell, we're seeing We do not agree with
For us,
|
I'm currently writing a health check for an application, but I'm a little unclear on the precise relationship between statuses and response codes. The is described as "tightly coupled" but with no further explanation or examples.
Do statuses have a 1:1 relationship to HTTP response codes? I ask as I have cases where it may be useful to have finer grain responses.
pass = 200
warn = 302, a sub-service return a warning state
warn = 307, a sub-service return an error state
fail = 404, running but unavailable
fail = 503, dead
In different scenarios, we may want a load balancer to bracket different response code ranges as healthy eg [200:302] or [200:307]. Assume the load balancer can only monitor the response code. I know we could always write a customizable filter in front of the health check that can decide talked to the load balancer based on the json.
Thanks for the draft is has been most helpful and timely.
The text was updated successfully, but these errors were encountered: