Date | Commit message (Collapse) |
|
* Rack::Chunked and Rack::ContentLength middlewares are loaded
by default for RACK_ENV=(development|deployment) users to match
Rack::Server behavior. As before, use RACK_ENV=none if you want
fine-grained control of your middleware. This should also
help users of Rainbows! and Zbatery.
* CTL characters are now rejected from HTTP header values
* Exception messages are now filtered for [:cntrl:] characters
since application/middleware authors may forget to do so
* Workers will now terminate properly if a SIGQUIT/SIGTERM/SIGINT
is received while during worker process initialization.
* close-on-exec is explicitly disabled to future-proof against
Ruby 2.0 changes [ruby-core:38140]
|
|
The signal handler from the master is still active and will
push the pending signal to SIG_QUEUE if a worker receives
a signal immediately after forking.
|
|
This is needed to match the behavior of Rack::Server for
RACK_ENV=(deployment|development), actually. This won't
affect users of other RACK_ENV values.
This change has minor performance consequences, so users
negatively affected should set RACK_ENV to "none" instead for
full control of their middleware stack.
This mainly affects Rainbows!/Zbatery users since they have
persistent connections and /need/ Content-Length or
Transfer-Encoding:chunked headers.
|
|
We do not want to affect terminals of users who view our log
files.
|
|
We only need the fileno in the key which we use
to generate the UNICORN_FD env. Otherwise the IO
object is accepted and understood by Ruby.
|
|
Setting the close-on-exec flag by default and closing
non-standard descriptors is proposed for Ruby 1.9.4/2.0.0.
Since Unicorn is one of the few apps to rely on FD inheritance
across exec(), we need to workaround this by redirecting each
listener FD to itself for Kernel#exec.
Ruby supports a hash as the final argument to Kernel#exec since
at least 1.9.1 (nobody cares for 1.9.0 anymore). This allows
users to backport close-on-exec by default patches to older
1.9.x installs without breaking anything.
ref: http://redmine.ruby-lang.org/issues/5041
|
|
This helps close a race condition preventing shutdown if
loading the application (preload_app=false) takes a long
time and the user decides to kil workers instead.
|
|
Future versions of Ruby may change this from the default *nix
behavior, so we need to explicitly allow FD passing via exec().
ref: http://redmine.ruby-lang.org/issues/5041
|
|
I corrupted a Ruby build and SOL_TCP didn't get defined :x
|
|
This release fixes things for users of per-worker "listen"
directives in the after_fork hook. Thanks to ghazel@gmail.com
for reporting the bug.
The "timeout" configurator directive is now truncated to
0x7ffffffe seconds to prevent overflow when calling
IO.select.
|
|
Nobody will miss one second if they specify an "infinite"
timeout of ~68 years. This prevents duplicating this logic
in Rainbows!
|
|
The testcase for this was broken, too, so we didn't notice
this :<
Reported-by: ghazel@gmail.com on the Rainbows! mailing list,
http://mid.gmane.org/BANLkTi=oQXK5Casq9SuGD3edeUrDPvRm3A@mail.gmail.com
|
|
IO.select in Ruby can't wait longer than this. This
means Unicorn can't support applications that take
longer than 68 years to respond :(
|
|
A single Unicorn instance may manage more than 1024 workers
without needing privileges to modify resource limits. As a
result of this, the "raindrops"[1] gem/library is now a required
dependency.
TCP socket defaults now favor low latency to mimic UNIX domain
socket behavior (tcp_nodelay: true, tcp_nopush: false). This
hurts throughput, users who want to favor throughput should
specify "tcp_nodelay: false, tcp_nopush: true" in the listen
directive.
Error logging is more consistent and all lines should be
formatted correctly in backtraces. This may break the
behavior of some log parsers.
The call stack is smaller and thus easier to examine backtraces
when debugging Rack applications.
There are some internal API changes and cleanups, but none that
affect applications designed for Rack. See "git log v3.7.0.."
for details.
For users who cannot install kgio[2] or raindrops, Unicorn 1.1.x
remains supported indefinitely. Unicorn 3.x will remain
supported if there is demand. We expect raindrops to introduce
fewer portability problems than kgio did, however.
[1] http://raindrops.bogomips.org/
[2] http://bogomips.org/kgio/
|
|
It's still O(n) since we don't maintain a reverse mapping of
spawned processes, but at least we avoid the extra overhead of
creating an array every time.
|
|
Some applications/libraries may launch background threads which
can lock up the process. So we can't disable heartbeat checking
just because the main thread is sleeping. This also has the
side effect of reducing master process wakeups when all workers
are idle.
|
|
This matches the latest Rack behavior.
We can't just use Rack::Builder.parse_file because our option
parser logic is slightly different and incompatible.
ref: rack commit d31cf2b7c0c77c04510c08d95776315ceb24ba54
|
|
We don't want the Worker#tick= assignment to trigger after we
accept a client, since we'd drop that request when we raise the
exception that breaks us out of the worker loop.
Also, we don't want to enter IO.select with an empty LISTENERS
array so we can fail with IOError or Errno::EBADF.
|
|
A leftover from the fchmod() days
|
|
Backtraces are now formatted properly (with timestamps) and
exceptions will be logged more consistently and similar to
Logger defaults:
"#{exc.message} (#{e.class})"
backtrace.each { |line| ... }
This may break some existing monitoring scripts, but errors
will be more standardized and easier to check moving forward.
|
|
"app error" is more correct, and consistent with Rainbows!
|
|
rescuing from SystemExit and exit()-ing again is ugly, but
changes made to lower stack depth positively affect _everyone_
so we'll tolerate some ugliness here.
We'll need to disable graceful exit for some tests, too...
|
|
This means we no longer waste an extra file descriptor per
worker process in the master. Now there's no need to set a
higher file descriptor limit for systems running >= 1024
workers.
|
|
There's absolutely no need to keep the OptionParser around in
worker processes.
|
|
We always know we have zero workers at startup, so we don't
need to check before hand. SIGHUP users may suffer a small
performance decrease as a result, but there's not much we
can do about it.
|
|
This should be easier to understand and reduces garbage on
stack, too.
|
|
kgio never does reverse lookup
|
|
Ruby IO.select never raises that, actually
|
|
By avoid Array#each
|
|
ivar references using @ are slightly faster than calling
attribute methods.
|
|
Oops, it messes logging up badly.
|
|
These TCP settings are a closer match to the behavior of
Unix domain sockets and what users expect for fast streaming
responses even if nginx can't provide them just now...
|
|
This reduces the size of `caller` by 5 frames,
which should make backtraces easier-to-read, raising
exceptions less expensive, and reduce GC runtime.
|
|
* miscellaneous documentation improvements
* return 414 (instead of 400) for Request-URI Too Long
* strip leading and trailing linear whitespace in header values
User-visible improvements meant for Rainbows! users:
* add :ipv6only "listen" option (same as nginx)
|
|
Enabling this flag for an IPv6 TCP listener allows users to
specify IPv6-only listeners regardless of the OS default.
This should be interest to Rainbows! users.
|
|
Rainbows! wants to be able to lower this eventually...
|
|
|
|
Combines the following sequence:
http_parser.buf << socket.readpartial(0x4000)
http_parser.parse
Into:
http_parser.add_parse(socket.readpartial(0x4000))
It was too damn redundant otherwise...
|
|
There's an HTTP status code allocated for it in
<http://www.iana.org/assignments/http-status-codes>, so
return that instead of 400.
|
|
The optional Unicorn::OobGC module is reimplemented to fix
breakage that appeared in v3.3.1. There are also minor
documentation updates, but no code changes as of 3.6.1 for
non-OobGC users.
There is also a v1.1.7 release to fix the same OobGC breakage
that appeared for 1.1.x users in the v1.1.6 release.
|
|
It seems people are still confused about it...
|
|
This was broken since v3.3.1[1] since nginx relies on a closed
socket (and not Content-Length/Transfer-Encoding) to detect
a response completion. We have to close the client socket
before invoking GC to ensure the client sees the response
in a timely manner.
[1] - commit b72a86f66c722d56a6d77ed1d2779ace6ad103ed
|
|
These options will probably be more important as interest in
streaming responses in Rails 3.1 develops.
I consider the respective defaults for Unicorn (designed to run
behind nginx) and Rainbows! (designed to run standalone) to be
the best choices in their respective environments.
|
|
Using the return value of Kernel#srand actually made the
problem worse. Using the value of Kernel#rand is required
to actually get a random value to seed the OpenSSL PRNG.
Thanks to ghazel for the bug report!
|
|
Older Rainbows! redefines the ready_pipe= accessor method
to call internal after_fork hooks.
|
|
Don't clutter up our RDoc/website with things that users
of Unicorn don't need to see. This should make user-relevant
documentation easier to find, especially since Unicorn is
NOT intended to be an API.
|
|
OpenSSL seeds its PRNG with the process ID, so if a process ID
is recycled, there's a chance of indepedent workers getting
repeated PRNG sequences over a long time period iff the same
PID is used.
This only affects deployments that meet both of the following
conditions:
1) OpenSSL::Random.random_bytes is called before forking
2) worker (but not master) processes are die unexpectedly
The SecureRandom module in Ruby (and Rails) uses the OpenSSL
PRNG if available. SecureRandom is used by Rails and called
when the application is loaded, so most Rails apps with
frequently dying worker processes are affected.
Of course dying worker processes are bad and entirely the
fault of bad application/library code, not the fault of
Unicorn.
Thanks for Alexander Dymo for reporting this.
ref: http://redmine.ruby-lang.org/issues/4579
|
|
The current versions of Ruby 1.8 do not reseed the PRNG after
forking, so we'll work around that by calling Kernel#srand.
ref: http://redmine.ruby-lang.org/issues/show/4338
|
|
Oops, changing a method definition for RDoc means code
needs to be updated, too :x
|
|
They should then recover and inherit writable descriptors
from the master when it respawns.
|