| Date | Commit message (Collapse) |
|---|
|
* origin/master:
tests: force blocking I/O for Ruby 3.x
|
|
Otherwise we get test failures since we use sysread
and syswrite in many places
|
|
Since we allocate a new request object for each request,
the #clear call is now unnecessary
|
|
This removes the reuse of the parser between requests. Reusing these is
risky in the context of running any other threads within the unicorn
process, also for threads that run background tasks.
If any other thread accidentally grabs hold of the request it can modify
things for the next request in flight.
The downside here is that we allocate more for each request, but that is
worth the trade off here and the security risk we otherwise would carry
to leaking wrong and incorrect data.
|
|
While no incompatible changes to any supported configuration
files are planned, some deep internal data structures will
change and there are likely some 3rd-party monkey patches broken
by this.
|
|
We don't want at_exit firing in child processes and never wanted
it. This is apparently a long standing bug in the tests that
only started causing test_worker_dies_on_dead_master failures
for me. I assume it's only showing up now for me due to kernel
scheduler changes, since I've been using the same 4-core CPU for
~11 years, now.
|
|
This release supports env['rack.after_reply'] which allows
rack middleware to pass lambdas to be executed after the client
connection is closed, matching functionality in Puma.
Thanks to Blake Williams for this patch:
https://yhbt.net/unicorn-public/9873E53C-04D3-4759-9678-CA17DBAEF7B7@blakewilliams.me/
The top-level of our website is now simpler and no longer
redundant with the contents of https://yhbt.net/unicorn/README.html
(which contains the old content)
|
|
created.rid has no business being published anyways, and
index.html is redundant given README.html. Avoid confusing
search engines with identical documents at different URLs.
Our "homepage" is just a directory listing, now, which should
help discoverability of non-HTML docs. Old content is at
https://yhbt.net/unicorn/README.html
|
|
This adds `rack.after_reply` functionality which allows rack middleware
to pass lambdas that will be executed after the client connection has
been closed.
This was driven by a need to perform actions in a request that shouldn't
block the request from completing but also don't make sense as
background jobs.
There is prior art of this being supported found in a few gems, as well
as this functionality existing in other rack based servers (e.g. Puma).
[ew: check if `env' is set in ensure statement]
Acked-by: Eric Wong <e@80x24.org>
|
|
Relaxed Ruby version requirements for Ruby 3.0.0dev.
Thanks to Jean Boussier for testing
|
|
Apparently, an IMAP server happened at some point and somehow
stays running. Maybe more users have IMAP clients than NNTP
clients...
|
|
Ruby just recently bump the master version to 3.0.
This requirement bump is necessary to test unicorn
against ruby master.
[ew: wrap at <80 columns for hackers with poor eyesight]
Acked-by: Eric Wong <bofh@yhbt.net>
|
|
We can limit the amount of Ruby-version-specific code to
just the stuff in ext/* and bin/*, reducing I/O traffic
and FS + page cache footprint.
Furthermore, rely on GNU make behavior to copy all the necessary
files so we don't trigger unnecessary extconf.rb invocations
just by touching a .rb file in lib.
|
|
This can be useful for diagnosing failures, especially since
GNU tail supports inotify these days.
|
|
This release adds support for the early_hints configurator
directive for the 'rack.early_hints' API used by Rails 5.2+.
Thanks to Jean Boussier for the patch.
Link: https://yhbt.net/unicorn-public/242F0859-0F83-4F14-A0FF-5BE392BB01E6@shopify.com/
|
|
If a user removes "early_hints" entirely from the config file, a
SIGHUP needs to restore the default value. This is consistent
with the behavior of all the other configuration variables.
Cc: Jean Boussier <jean.boussier@gmail.com>
|
|
IO#sysread may only capture the 103 response and return before
the server can send the 200. Since we don't support persistent
connections, we can just use IO#read to rely on the server
giving us an EOF after the 200 is sent.
Cc: Jean Boussier <jean.boussier@gmail.com>
|
|
While not part of the rack spec, this API is exposed
by both puma and falcon, and Rails use it when available.
The 103 Early Hints response code is specified in RFC 8297.
|
|
This release fixes a bug for users of multiple listeners setups
where a busy listen socket could starve other listeners.
Thanks to Stan Hu for reporting and testing.
No need to upgrade if you're using a single listen socket.
Link: https://yhbt.net/unicorn-public/CAMBWrQ=Yh42MPtzJCEO7XryVknDNetRMuA87irWfqVuLdJmiBQ@mail.gmail.com/
|
|
In setups with multiple listeners, it's possible for our greedy
select(2)-avoidance optimization to get pinned on a single, busy
listener and starve the other listener(s).
Prevent starvation by retrying the select(2)-avoidance
optimization if and only if all listeners were active. This
should have no effect on the majority of deployments with only a
single listener.
Thanks to Stan Hu for reporting and testing.
Reported-by: Stan Hu <stanhu@gmail.com>
Tested-by: Stan Hu <stanhu@gmail.com>
Link: https://yhbt.net/unicorn-public/CAMBWrQ=Yh42MPtzJCEO7XryVknDNetRMuA87irWfqVuLdJmiBQ@mail.gmail.com/
|
|
One change to improve RFC 7230 conformance in the HTTP parser:
https://yhbt.net/unicorn-public/20200319022823.32472-1-bofh@yhbt.net/
|
|
We need to favor "Transfer-Encoding: chunked" over
"Content-Length" in the request header if they both exist.
Furthermore, we now reject redundant chunking and cases where
"chunked" is not the final encoding.
We currently do not and have no plans to decode "gzip",
"deflate", or "compress" encoding as described by RFC 7230.
That's a job more appropriate for middleware, anyways.
cf. https://tools.ietf.org/html/rfc7230
https://www.rfc-editor.org/errata_search.php?rfc=7230
|
|
Documentation updates to switch bogomips.org to yhbt.net since
the .org TLD won't be affordable in the near future.
There's also a few minor test cleanups.
|
|
We can start using Ruby 1.9 APIs, nowadays
|
|
It was added nearly 11 years ago in commit 6945342a1f0a4caa
("Transfer-Encoding: chunked streaming input support") but
never used.
|
|
My hardware gets worse and worse every year :<
|
|
bogomips.org is due to expire, soon, and I'm not willing to pay
extortionist fees to Ethos Capital/PIR/ICANN to keep a .org. So
it's at yhbt.net, for now, but it will change again to
whatever's affordable... Identity is overrated.
Tor users can use .onions and kick ICANN to the curb:
torsocks w3m http://unicorn.ou63pmih66umazou.onion/
torsocks git clone http://ou63pmih66umazou.onion/unicorn.git/
torsocks w3m http://ou63pmih66umazou.onion/unicorn-public/
While we're at it, `s/news.gmane.org/news.gmane.io/g', too.
(but I suspect that'll need to be resynched since our mail
"List-Id:" header is changing).
|
|
Thanks to Terry Scheingeld, we now workaround a Ruby bug
and can now run with taint checks enabled:
<https://bugs.ruby-lang.org/issues/14485>
<https://bogomips.org/unicorn-public/CABg1sXrvGv9G6CDQxePDUqTe6N-5UpLXm7eG3YQO=dda-Cgg7A@mail.gmail.com/>
There's also a few documentation updates and building packages
from source is easier since pandoc is no longer a dependency
(and I can no longer afford the bandwidth or space to install
it).
Eric Wong (7):
test/benchmark/ddstream: demo for slowly reading clients
test/benchmark/readinput: demo for slowly uploading clients
test/benchmark/uconnect: test for accept loop speed
examples/unicorn@.service: note the NonBlocking flag
Merge remote-tracking branch 'origin/ts/tmpio'
test_util: get rid of some unused variables in tests
doc: replace pandoc-"Markdown" with real manpages
Terry Scheingeld (1):
tmpio: workaround File#path being tainted on unlink
|
|
Trying to install pandoc on an x86-64 Debian stable system says:
> Need to get 15.2 MB of archives.
> After this operation, 117 MB of additional disk space will be used.
My laptop is on metered Internet nowadays and already low on
disk space, so installing pandoc is not realistic. Maybe it
wasn't realistic to other hackers with limited resources in the
past.
There's also dozens of subtly incompatible Markdown flavors out
there, most of which can't really handle manpages. Anyways,
roff isn't too bad and at least groff is well-documented.
Updating the website now requires olddoc 1.8.0 (which is much
smaller than pandoc), but I'm the only one with that burden. On
the flipside more users can update and read the manpages locally
without extra software, since nearly every developer's *nix
system has man(1) command, unlike pandoc.
|
|
Ruby 2.7.0dev warns on them
|
|
* origin/ts/tmpio:
tmpio: workaround File#path being tainted on unlink
|
|
Ruby mistakenly taints the file path, causing File.unlink
to fail: https://bugs.ruby-lang.org/issues/14485
Workaround the Ruby bug by keeping the path as a local
variable and passing that to File.unlink, instead of the
return value of File#path.
Link: https://bogomips.org/unicorn-public/CABg1sXrvGv9G6CDQxePDUqTe6N-5UpLXm7eG3YQO=dda-Cgg7A@mail.gmail.com/
|
|
It's racy otherwise when starting simultaneous instanced units.
Without specifying NonBlocking=true, systemd will clear the
O_NONBLOCK flag every time it starts a new service instance.
There's a small window where systemd can clear O_NONBLOCK
immediately after it's set by Ruby (or kgio):
unicorn@1 |systemd |unicorn@2
---------------------------+----------------+--------------------
F_SETFL, O_NONBLOCK|O_RDWR | | (not running, yet)
|F_SETFL, O_RDWR |
|fork |
| exec unicorn@2 |
accept4(...) # blocks! | | (now started by systemd)
| |F_SETFL,O_NONBLOCK|O_RDWR
| |accept4(...) non-blocking
|
|
In preparation for kgio removal, I want to ensure we can
maintain existing performance when swapping kgio_tryaccept
for accept_nonblock on Ruby 2.3+
There's plenty of TCP benchmarking tools, but TCP port reuse
delays hurt predictability since unicorn doesn't do persistent
connections.
So this is exclusively for Unix sockets and uses Perl instead
of Ruby since I don't want to be bothered with GC
unpredictability on the client side.
|
|
This is intended to demonstrate how badly we suck at dealing
with slow clients making uploads. It can help users evaluate
alternative fully-buffering reverse proxies, because nginx
should not be the only option.
|
|
This is intended to demonstrate how badly we suck at dealing
with slow clients. It can help users evaluate alternative
fully-buffering reverse proxies, because nginx should not
be the only option.
Update the benchmark README while we're at it
|
|
This release fixes and works around issues from v5.5.0 (2019-03-04)
Stephen Demjanenko worked around a pipe resource accounting bug
present in old Linux kernels. Linux 3.x users from 3.16.57 and
on are unaffected. Linux 4.x users from 4.9 and on are
unaffected.
https://bogomips.org/unicorn-public/1556922018-24096-1-git-send-email-sdemjanenko@gmail.com/
Stan Pitucha reported a bug with the old `unicorn_rails' wrapper
(intended for Rails 2.x users) which was promptly fixed by
Jeremy Evans:
https://bogomips.org/unicorn-public/CAJ2_uEPifcv_ux4sX=t0C4zHTHGhqVfcLcSB2kTU3Rb_6pQ3nw@mail.gmail.com/
There's also some doc updates to warn users off `unicorn_rails';
the homepage is now energy-efficient for OLEDs and CRTs;
and I'm no longer advertising mailing list subscriptions
(because I hate centralization and mail archives are the priority)
Eric Wong (3):
doc: unicorn_rails: clarify that it is intended for rails <= 2.x
doc: stop advertising mailing list subscription
doc: switch homepage to dark216
Jeremy Evans (1):
unicorn_rails: fix regression with Rails >= 3.x in app build
Stephen Demjanenko (1):
Rescue failed pipe resizes due to permissions
|
|
When running: ```
require 'kgio'
require 'raindrops'
F_SETPIPE_SZ = 1031 if RUBY_PLATFORM =~ /linux/
Kgio::Pipe.new.each do |io|
io.close_on_exec = true
if defined?(F_SETPIPE_SZ)
begin
puts "setting"
io.fcntl(F_SETPIPE_SZ, Raindrops::PAGE_SIZE)
rescue Errno::EINVAL
puts "rescued"
rescue => e
puts ["FAILED HARD", e].inspect
end
end
end
```
on a few servers to test some Unicorn boot failures I saw:
```
["FAILED HARD", #<Errno::EPERM: Operation not permitted>]
```
The `EPERM` error gets raised by the Linux kernel if:
```
(too_many_pipe_buffers_hard(pipe->user) ||
too_many_pipe_buffers_soft(pipe->user)) &&
!capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN)
```
Given that the resize is not strictly necessary Unicorn should
rescue the error and continue booting.
|
|
Because Earth Day!:
https://80x24.org/olddoc-public/20190422014906.4253-1-e@80x24.org/
|
|
It's still available, but no point in advertising something
which increases the dependency on a centralized subscriber list.
Subscription will never be required to write to our
centralization-resistant public inbox (which anybody can
read/mirror using HTTP(S) or NNTP).
The mailing list has only attracted a tiny handful of
subscribers since Rubyforge died, and more than half of the
subscribers imported from Rubyforge have bounced off
(or unsubscribed).
|
|
Hopefully the wording is a little more explicit and clearer
by stating its purpose in the first line of the description.
|
|
Note: `unicorn_rails' was only intended for Rails <= 2.x projects
in the old days.
Fixes: 5985dd50a9bd7238 ("Support default_middleware configuration option")
From: Jeremy Evans <code@jeremyevans.net>
cf. https://bogomips.org/unicorn-public/20190306055734.GC61406@jeremyevans.local/
Signed-off-by: Eric Wong <e@80x24.org>
[ew: commit message]
|
|
Mostly identical to 5.5.0.pre1, which I didn't hear any feedback
from:
https://bogomips.org/unicorn-public/20181220222842.GA27382@dcvr/
> Jeremy Evans contributed the "default_middleware" configuration option:
>
> https://bogomips.org/unicorn-public/20180913192055.GD48926@jeremyevans.local/
>
> Jeremy also contributed the ability to use separate groups for the process
> and log files:
>
> https://bogomips.org/unicorn-public/20180913192449.GE48926@jeremyevans.local/
>
> There's also a couple of uninteresting minor optimizations and
> documentation additions.
Otherwise, there's one extra change to use
rb_gc_register_mark_object which is finally a documented part of
the Ruby C-API, but has existed since the 1.9 days.
|
|
unicorn has no future, but at least some of our past is archived.
This was taken from nntp://news.gmane.org/gmane.comp.lang.ruby.mongrel.devel
as the HTTP parts of gmane are dead. Unfortunately, Gmane only
started archiving mongrel-development@rubyforge.org in 2008 and
discussions prior to that may be lost. If anybody has mbox, Maildir
or MH archives from those days, I'd be glad to import them.
|
|
Since Ruby 2.6, it's a documented part of the API and we may depend
on it: https://bugs.ruby-lang.org/issues/9894
It's been around since the early Ruby 1.9 days, and reduces
overhead compared to relying on rb_global_variable:
https://bogomips.org/unicorn-public/20170301002854.29198-1-e@80x24.org/
|
|
Jeremy Evans contributed the "default_middleware" configuration option:
https://bogomips.org/unicorn-public/20180913192055.GD48926@jeremyevans.local/
Jeremy also contributed the ability to use separate groups for the process
and log files:
https://bogomips.org/unicorn-public/20180913192449.GE48926@jeremyevans.local/
There's also a couple of uninteresting minor optimizations and
documentation additions.
Eric Wong (10):
remove random seed reset atfork
use IO#wait instead of kgio_wait_readable
Merge branch '5.4-stable'
shrink pipes under Linux
socket_helper: add hint for FreeBSD users for accf_http(9)
tests: ensure -N/--no-default-middleware not supported in config.ru
doc: update more URLs to use HTTPS and avoid redirects
deduplicate strings VM-wide in Ruby 2.5+
doc/ISSUES: add links to git clone-able mail archives of our dependencies
README: minor updates and additional disclaimer
Jeremy Evans (2):
Make Worker#user support different process primary group and log file group
Support default_middleware configuration option
|
|
Nowadays, I mainly rely on systemd (and not USR2) for
zero-downtime upgrades. Also, CoW-friendliness is standard
in mainline Ruby since 2.0.
There also needs to be a disclaimer to point out the unfortunate
side-effect of robustness for hosting buggy apps.
|
|
Archives are crucial to preserving history and knowledge in Free
Software projects, so promote them for projects we depend on.
Naq lrf, gur nepuviny fbsgjner qrirybcrq sbe nepuvivat gur
havpbea znvyvat yvfg unf ybat fhecnffrq gur hfrshyarff bs
havpbea vgfrys :C
|
|
String#-@ deduplicates strings starting with Ruby 2.5.0
Hash#[]= deduplicates strings starting in Ruby 2.6.0-rc1
This allows us to save a small amount of memory by sharing
objects with other parts of the stack (e.g. Rack).
|
|
Latency from redirects is painful, and HTTPS can protect privacy
in some cases.
|