Date | Commit message (Collapse) |
|
Mainly small fixes, improvements, and workarounds for fork() issues
with pseudo-random number generators shipped with Ruby (Kernel#rand,
OpenSSL::Random (used by SecureRandom and also by Rails).
The PRNG issues are documented in depth here (and links to Ruby Redmine):
http://bogomips.org/unicorn.git/commit?id=1107ede7
http://bogomips.org/unicorn.git/commit?id=b3241621
If you're too lazy to upgrade, you can just do this in your after_fork
hooks:
after_fork do |server,worker|
tmp = srand
OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
end
There are also small log reopening (SIGUSR1) improvements:
* relative paths may also be reopened, there's a small chance this
will break with a handful of setups, but unlikely. This should
make configuration easier especially since the "working_directory"
configurator directive exists. Brought up by Matthew Kocher:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/900
* workers will just die (and restart) if log reopening fails for
any reason (including user error). This is to workaround the issue
reported by Emmanuel Gomez:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/906
|
|
Older Rainbows! redefines the ready_pipe= accessor method
to call internal after_fork hooks.
|
|
|
|
Don't clutter up our RDoc/website with things that users
of Unicorn don't need to see. This should make user-relevant
documentation easier to find, especially since Unicorn is
NOT intended to be an API.
|
|
OpenSSL seeds its PRNG with the process ID, so if a process ID
is recycled, there's a chance of indepedent workers getting
repeated PRNG sequences over a long time period iff the same
PID is used.
This only affects deployments that meet both of the following
conditions:
1) OpenSSL::Random.random_bytes is called before forking
2) worker (but not master) processes are die unexpectedly
The SecureRandom module in Ruby (and Rails) uses the OpenSSL
PRNG if available. SecureRandom is used by Rails and called
when the application is loaded, so most Rails apps with
frequently dying worker processes are affected.
Of course dying worker processes are bad and entirely the
fault of bad application/library code, not the fault of
Unicorn.
Thanks for Alexander Dymo for reporting this.
ref: http://redmine.ruby-lang.org/issues/4579
|
|
The current versions of Ruby 1.8 do not reseed the PRNG after
forking, so we'll work around that by calling Kernel#srand.
ref: http://redmine.ruby-lang.org/issues/show/4338
|
|
|
|
Oops, changing a method definition for RDoc means code
needs to be updated, too :x
|
|
"Config" is deprecated and warns under 1.9.3dev
|
|
They should then recover and inherit writable descriptors
from the master when it respawns.
|
|
It's not needed for users, so avoid confusing them.
Unicorn itself is not intended to be an API, it just
hosts Rack applications.
|
|
Mainly formatting and such, but some wording changes.
|
|
|
|
Configurator itself supports user at the top-level.
|
|
|
|
Users keep both pieces if it's broken :)
|
|
No need to use an ancient Rack now that we've dropped Rails
2.3.x tests. We need to remember that Rack 1.1.0 doesn't
support input#size.
|
|
They were transitionary releases and the logic to deal with them
and Rack versioning was too much overhead.
|
|
logrotate is the de facto tool for logrotation, so an
example config for highlighting important parts are in order.
Since our USR1 signal handling is part of the crusade against
the slow and lossy "copytruncate" option, be sure to
emphasize that :)
|
|
File#size is available in 1.9.2
|
|
"P" in HTTP is already "protocol"
|
|
Gemcutter is the old name
|
|
A small set of small changes but it's been more than a month
since our last release. There are minor memory usage and
efficiently improvements (for graceful shutdowns). MRI 1.8.7
users on *BSD should be sure they're using the latest patchlevel
(or upgrade to 1.9.x) because we no longer workaround their
broken stdio (that's MRI's job :)
|
|
People reinstalling would've pulled it in anyways, but
2.3.2 is the latest and has no known issues.
|
|
|
|
Ruby 1.8.* users should get the latest Ruby 1.8.7 anyways since
they contain critical bugfixes. We don't keep workarounds
forever since the root problem is fixed/worked-around in
upstream and people have had more than a year to upgrade Ruby.
|
|
We don't want to repeatedly reclose the same IOs
and keep raising exceptions this way.
|
|
Ruby 1.9.3dev is now using the 2-clause BSD License, not the
GPLv2. Do not mislead people into thinking we will switch to
any BSD License, we won't.
|
|
This causes conflicts with ports clients may use in
the ephemeral range since those do not hold FS locks.
This reverts commit e597e594ad88dc02d70f7d3521d0d3bdc23739bb.
Conflicts:
test/test_helper.rb
|
|
They needlessly allocate Proc objects
|
|
No need to unnecessarily leave file descriptor open.
|
|
* IPv6 support in the HTTP hostname parser and configuration
language. Configurator syntax for "listen" addresses should
be the same as nginx. Even though we support IPv6, we will
never support non-LAN/localhost clients connecting to Unicorn.
* TCP_NOPUSH/TCP_CORK is enabled by default to optimize
for bandwidth usage and avoid unnecessary wakeups in nginx.
* Updated KNOWN_ISSUES document for bugs in recent Ruby 1.8.7
(RNG needs reset after fork) and nginx+sendfile()+FreeBSD 8.
* examples/nginx.conf updated for modern stable versions of nginx.
* "Status" in headers no longer ignored in the response,
Rack::Lint already enforces this so we don't duplicate
the work.
* All tests pass under Ruby 1.9.3dev
* various bugfixes in the (mostly unused) ExecCGI class that
powers http://bogomips.org/unicorn.git
|
|
This is needed for IPv6 support, and 2.2.0 is nicer
all around for Rainbows! users. Updates wrongdoc
while we're at it, too.
|
|
Ugh, one day I'll clean them up, one day...
|
|
for i in `git ls-files '*.rb'`; do ruby -w -c $i; done
|
|
Duh...
|
|
Oops! Ugh, not my day...
|
|
Oops!
|
|
This is much like how nginx does it, except we always require a
port when explicitly binding to IPv6 using the "listen"
directive. This also adds support to listen with an
address-only, which can be useful to Rainbows! users.
|
|
Just in case we have people that don't use DNS, we can support
folks who enter ugly IPv6 addresses...
IPv6 uses brackets around the address to avoid confusing
the colons used in the address with the colon used to denote
the TCP port number in URIs.
|
|
This reduces surprise when people (correctly) believe
removing an option from the config file will return
things back to our internal defaults.
|
|
It's actually harmless since Unicorn only supports "fast"
applications that do not trickle, and we don't do keepalive so
we'll always flush-on-close. This should reduce wakeups on the
nginx proxy server if nginx is over TCP. Mongrel 1.x had
TCP_CORK enabled by default, too.
|
|
The client may not get a proper response with TCP_CORK enabled
|
|
Reported by: ghazel@gmail.com
ref: <AANLkTimTpPATTpkoD2EYA2eM1+5OzCN=WxnCygQmJdhn@mail.gmail.com>
|
|
This feature is in nginx 0.7.x and 0.8.x and optimized
better than the "if" directive in nginx.conf
ref: http://wiki.nginx.org/Pitfalls
ref: http://wiki.nginx.org/IfIsEvil
|
|
There's no need to use listen unless you use non-default port or
can enable "deferred" or "httpready" (which you usually want).
|
|
Ruby 1.9.1, Sinatra 0.3.x, and Rails 2.3.2 are not in
common use anymore (at least we don't think).
|
|
Reported by Alexey Bondar.
|
|
bogomips.org is slimming down and losing URL weight :)
|
|
We no longer blindly return 200 if the CGI returned another error
code. We also don't want two Status headers in our output since we
no longer filter it out.
|