fluentd 0.14.11 → 0.14.12

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of fluentd might be problematic. Click here for more details.

Files changed (119) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +1 -5
  3. data/ChangeLog +54 -2
  4. data/example/in_dummy_blocks.conf +17 -0
  5. data/example/in_forward_tls.conf +14 -0
  6. data/example/in_forward_workers.conf +21 -0
  7. data/example/logevents.conf +25 -0
  8. data/example/out_forward_heartbeat_none.conf +16 -0
  9. data/example/out_forward_tls.conf +18 -0
  10. data/example/suppress_config_dump.conf +7 -0
  11. data/lib/fluent/agent.rb +3 -32
  12. data/lib/fluent/clock.rb +62 -0
  13. data/lib/fluent/command/fluentd.rb +12 -0
  14. data/lib/fluent/compat/input.rb +10 -1
  15. data/lib/fluent/compat/output.rb +40 -1
  16. data/lib/fluent/config/configure_proxy.rb +30 -7
  17. data/lib/fluent/config/section.rb +4 -0
  18. data/lib/fluent/config/types.rb +2 -2
  19. data/lib/fluent/configurable.rb +31 -5
  20. data/lib/fluent/engine.rb +61 -12
  21. data/lib/fluent/event_router.rb +6 -0
  22. data/lib/fluent/load.rb +0 -1
  23. data/lib/fluent/log.rb +118 -42
  24. data/lib/fluent/match.rb +37 -0
  25. data/lib/fluent/plugin.rb +25 -3
  26. data/lib/fluent/plugin/base.rb +4 -0
  27. data/lib/fluent/plugin/buf_file.rb +38 -14
  28. data/lib/fluent/plugin/buffer.rb +20 -20
  29. data/lib/fluent/plugin/buffer/file_chunk.rb +2 -2
  30. data/lib/fluent/plugin/compressable.rb +1 -0
  31. data/lib/fluent/plugin/filter_record_transformer.rb +3 -6
  32. data/lib/fluent/plugin/formatter_csv.rb +4 -1
  33. data/lib/fluent/plugin/formatter_hash.rb +5 -1
  34. data/lib/fluent/plugin/formatter_json.rb +10 -0
  35. data/lib/fluent/plugin/formatter_ltsv.rb +2 -1
  36. data/lib/fluent/plugin/in_dummy.rb +4 -0
  37. data/lib/fluent/plugin/in_exec.rb +4 -0
  38. data/lib/fluent/plugin/in_forward.rb +11 -3
  39. data/lib/fluent/plugin/in_gc_stat.rb +4 -0
  40. data/lib/fluent/plugin/in_http.rb +4 -0
  41. data/lib/fluent/plugin/in_monitor_agent.rb +29 -2
  42. data/lib/fluent/plugin/in_object_space.rb +4 -1
  43. data/lib/fluent/plugin/in_syslog.rb +4 -0
  44. data/lib/fluent/plugin/in_tail.rb +193 -116
  45. data/lib/fluent/plugin/in_tcp.rb +5 -1
  46. data/lib/fluent/plugin/in_udp.rb +4 -0
  47. data/lib/fluent/plugin/input.rb +4 -0
  48. data/lib/fluent/plugin/out_copy.rb +4 -0
  49. data/lib/fluent/plugin/out_exec.rb +4 -0
  50. data/lib/fluent/plugin/out_exec_filter.rb +4 -0
  51. data/lib/fluent/plugin/out_file.rb +70 -30
  52. data/lib/fluent/plugin/out_forward.rb +132 -28
  53. data/lib/fluent/plugin/out_null.rb +10 -0
  54. data/lib/fluent/plugin/out_relabel.rb +4 -0
  55. data/lib/fluent/plugin/out_roundrobin.rb +4 -0
  56. data/lib/fluent/plugin/out_secondary_file.rb +5 -0
  57. data/lib/fluent/plugin/out_stdout.rb +5 -0
  58. data/lib/fluent/plugin/output.rb +18 -9
  59. data/lib/fluent/plugin/storage_local.rb +25 -2
  60. data/lib/fluent/plugin_helper/cert_option.rb +159 -0
  61. data/lib/fluent/plugin_helper/child_process.rb +6 -6
  62. data/lib/fluent/plugin_helper/compat_parameters.rb +1 -1
  63. data/lib/fluent/plugin_helper/event_loop.rb +29 -4
  64. data/lib/fluent/plugin_helper/inject.rb +14 -1
  65. data/lib/fluent/plugin_helper/server.rb +275 -31
  66. data/lib/fluent/plugin_helper/socket.rb +144 -4
  67. data/lib/fluent/plugin_helper/socket_option.rb +2 -17
  68. data/lib/fluent/plugin_helper/storage.rb +7 -1
  69. data/lib/fluent/plugin_helper/thread.rb +16 -4
  70. data/lib/fluent/registry.rb +26 -9
  71. data/lib/fluent/root_agent.rb +7 -3
  72. data/lib/fluent/supervisor.rb +37 -15
  73. data/lib/fluent/system_config.rb +37 -10
  74. data/lib/fluent/test.rb +2 -0
  75. data/lib/fluent/test/driver/base.rb +24 -26
  76. data/lib/fluent/test/helpers.rb +21 -0
  77. data/lib/fluent/version.rb +1 -1
  78. data/test/command/test_fluentd.rb +274 -4
  79. data/test/config/test_configurable.rb +154 -0
  80. data/test/config/test_configure_proxy.rb +180 -1
  81. data/test/config/test_system_config.rb +10 -0
  82. data/test/config/test_types.rb +1 -0
  83. data/test/plugin/test_base.rb +4 -0
  84. data/test/plugin/test_buf_file.rb +241 -9
  85. data/test/plugin/test_buffer.rb +11 -11
  86. data/test/plugin/test_buffer_file_chunk.rb +6 -6
  87. data/test/plugin/test_compressable.rb +3 -0
  88. data/test/plugin/test_filter.rb +4 -0
  89. data/test/plugin/test_filter_record_transformer.rb +20 -0
  90. data/test/plugin/test_formatter_csv.rb +9 -0
  91. data/test/plugin/test_formatter_hash.rb +35 -0
  92. data/test/plugin/test_formatter_json.rb +8 -0
  93. data/test/plugin/test_formatter_ltsv.rb +7 -0
  94. data/test/plugin/test_in_dummy.rb +7 -3
  95. data/test/plugin/test_in_monitor_agent.rb +43 -5
  96. data/test/plugin/test_in_tail.rb +97 -4
  97. data/test/plugin/test_input.rb +4 -0
  98. data/test/plugin/test_out_file.rb +46 -7
  99. data/test/plugin/test_out_forward.rb +59 -7
  100. data/test/plugin/test_output.rb +10 -4
  101. data/test/plugin/test_output_as_buffered.rb +37 -25
  102. data/test/plugin/test_output_as_buffered_compress.rb +1 -1
  103. data/test/plugin/test_output_as_buffered_retries.rb +6 -6
  104. data/test/plugin/test_output_as_buffered_secondary.rb +91 -31
  105. data/test/plugin/test_storage_local.rb +40 -1
  106. data/test/plugin_helper/test_child_process.rb +29 -28
  107. data/test/plugin_helper/test_compat_parameters.rb +1 -1
  108. data/test/plugin_helper/test_inject.rb +27 -9
  109. data/test/plugin_helper/test_server.rb +822 -50
  110. data/test/plugin_helper/test_storage.rb +11 -0
  111. data/test/plugin_helper/test_timer.rb +1 -0
  112. data/test/test_clock.rb +164 -0
  113. data/test/test_log.rb +146 -15
  114. data/test/test_plugin.rb +251 -0
  115. data/test/test_supervisor.rb +65 -57
  116. data/test/test_test_drivers.rb +2 -2
  117. metadata +18 -7
  118. data/lib/fluent/process.rb +0 -504
  119. data/test/test_process.rb +0 -48
@@ -21,6 +21,9 @@ module Fluent::Plugin
21
21
  # This plugin is for tests of non-buffered/buffered plugins
22
22
  Fluent::Plugin.register_output('null', self)
23
23
 
24
+ desc "The parameter for testing to simulate output plugin which never succeed to flush."
25
+ config_param :never_flush, :bool, default: false
26
+
24
27
  config_section :buffer do
25
28
  config_set_default :chunk_keys, ['tag']
26
29
  config_set_default :flush_at_shutdown, true
@@ -43,17 +46,24 @@ module Fluent::Plugin
43
46
  @feed_proc = nil
44
47
  end
45
48
 
49
+ def multi_workers_ready?
50
+ true
51
+ end
52
+
46
53
  def process(tag, es)
54
+ raise "failed to flush" if @never_flush
47
55
  # Do nothing
48
56
  end
49
57
 
50
58
  def write(chunk)
59
+ raise "failed to flush" if @never_flush
51
60
  if @feed_proc
52
61
  @feed_proc.call(chunk)
53
62
  end
54
63
  end
55
64
 
56
65
  def try_write(chunk)
66
+ raise "failed to flush" if @never_flush
57
67
  if @feed_proc
58
68
  @feed_proc.call(chunk)
59
69
  end
@@ -21,6 +21,10 @@ module Fluent::Plugin
21
21
  Fluent::Plugin.register_output('relabel', self)
22
22
  helpers :event_emitter
23
23
 
24
+ def multi_workers_ready?
25
+ true
26
+ end
27
+
24
28
  def process(tag, es)
25
29
  router.emit_stream(tag, es)
26
30
  end
@@ -42,6 +42,10 @@ module Fluent::Plugin
42
42
  @rand_seed = Random.new.seed
43
43
  end
44
44
 
45
+ def multi_workers_ready?
46
+ true
47
+ end
48
+
45
49
  def start
46
50
  super
47
51
  rebuild_weight_array
@@ -65,6 +65,11 @@ module Fluent::Plugin
65
65
  @file_perm = system_config.file_permission || FILE_PERMISSION
66
66
  end
67
67
 
68
+ def multi_workers_ready?
69
+ ### TODO: add hack to synchronize for multi workers
70
+ true
71
+ end
72
+
68
73
  def write(chunk)
69
74
  path_without_suffix = extract_placeholders(@path_without_suffix, chunk.metadata)
70
75
  path = generate_path(path_without_suffix)
@@ -41,6 +41,10 @@ module Fluent::Plugin
41
41
  false
42
42
  end
43
43
 
44
+ def multi_workers_ready?
45
+ true
46
+ end
47
+
44
48
  attr_accessor :formatter
45
49
 
46
50
  def configure(conf)
@@ -52,6 +56,7 @@ module Fluent::Plugin
52
56
  end
53
57
 
54
58
  def process(tag, es)
59
+ es = inject_values_to_event_stream(tag, es)
55
60
  es.each {|time,record|
56
61
  $log.write(format(tag, time, record))
57
62
  }
@@ -20,6 +20,7 @@ require 'fluent/plugin_id'
20
20
  require 'fluent/plugin_helper'
21
21
  require 'fluent/timezone'
22
22
  require 'fluent/unique_id'
23
+ require 'fluent/clock'
23
24
 
24
25
  require 'time'
25
26
  require 'monitor'
@@ -40,8 +41,6 @@ module Fluent
40
41
 
41
42
  CHUNKING_FIELD_WARN_NUM = 4
42
43
 
43
- PROCESS_CLOCK_ID = Process::CLOCK_MONOTONIC_RAW rescue Process::CLOCK_MONOTONIC
44
-
45
44
  config_param :time_as_integer, :bool, default: false
46
45
  desc 'The threshold to show slow flush logs'
47
46
  config_param :slow_flush_log_threshold, :float, default: 20.0
@@ -141,6 +140,10 @@ module Fluent
141
140
  true
142
141
  end
143
142
 
143
+ def multi_workers_ready?
144
+ false
145
+ end
146
+
144
147
  # Internal states
145
148
  FlushThreadState = Struct.new(:thread, :next_clock)
146
149
  DequeuedChunkInfo = Struct.new(:chunk_id, :time, :timeout) do
@@ -782,13 +785,19 @@ module Fluent
782
785
  begin
783
786
  block.call
784
787
  rescue Fluent::Plugin::Buffer::BufferOverflowError
785
- log.warn "failed to write data into buffer by buffer overflow"
788
+ log.warn "failed to write data into buffer by buffer overflow", action: @buffer_config.overflow_action
786
789
  case @buffer_config.overflow_action
787
790
  when :throw_exception
788
791
  raise
789
792
  when :block
790
793
  log.debug "buffer.write is now blocking"
791
794
  until @buffer.storable?
795
+ if self.stopped?
796
+ log.error "breaking block behavior to shutdown Fluentd"
797
+ # to break infinite loop to exit Fluentd process
798
+ raise
799
+ end
800
+ log.trace "sleeping until buffer can store more data"
792
801
  sleep 1
793
802
  end
794
803
  log.debug "retrying buffer.write after blocked operation"
@@ -973,7 +982,7 @@ module Fluent
973
982
  chunk = @buffer.dequeue_chunk
974
983
  return unless chunk
975
984
 
976
- log.debug "trying flush for a chunk", chunk: dump_unique_id_hex(chunk.unique_id)
985
+ log.trace "trying flush for a chunk", chunk: dump_unique_id_hex(chunk.unique_id)
977
986
 
978
987
  output = self
979
988
  using_secondary = false
@@ -987,7 +996,7 @@ module Fluent
987
996
  end
988
997
 
989
998
  begin
990
- chunk_write_start = Process.clock_gettime(PROCESS_CLOCK_ID)
999
+ chunk_write_start = Fluent::Clock.now
991
1000
 
992
1001
  if output.delayed_commit
993
1002
  log.trace "executing delayed write and commit", chunk: dump_unique_id_hex(chunk.unique_id)
@@ -1029,7 +1038,7 @@ module Fluent
1029
1038
  end
1030
1039
 
1031
1040
  def check_slow_flush(start)
1032
- elapsed_time = Process.clock_gettime(PROCESS_CLOCK_ID) - start
1041
+ elapsed_time = Fluent::Clock.now - start
1033
1042
  if elapsed_time > @slow_flush_log_threshold
1034
1043
  log.warn "buffer flush took longer time than slow_flush_log_threshold:",
1035
1044
  elapsed_time: elapsed_time, slow_flush_log_threshold: @slow_flush_log_threshold, plugin_id: self.plugin_id
@@ -1217,7 +1226,7 @@ module Fluent
1217
1226
  def flush_thread_run(state)
1218
1227
  flush_thread_interval = @buffer_config.flush_thread_interval
1219
1228
 
1220
- state.next_clock = Process.clock_gettime(PROCESS_CLOCK_ID) + flush_thread_interval
1229
+ state.next_clock = Fluent::Clock.now + flush_thread_interval
1221
1230
 
1222
1231
  while !self.after_started? && !self.stopped?
1223
1232
  sleep 0.5
@@ -1227,7 +1236,7 @@ module Fluent
1227
1236
  begin
1228
1237
  # This thread don't use `thread_current_running?` because this thread should run in `before_shutdown` phase
1229
1238
  while @output_flush_threads_running
1230
- current_clock = Process.clock_gettime(PROCESS_CLOCK_ID)
1239
+ current_clock = Fluent::Clock.now
1231
1240
  interval = state.next_clock - current_clock
1232
1241
 
1233
1242
  if state.next_clock <= current_clock && (!@retry || @retry_mutex.synchronize{ @retry.next_time } <= Time.now)
@@ -1238,7 +1247,7 @@ module Fluent
1238
1247
  # TODO: if secondary && delayed-commit, next_flush_time will be much longer than expected
1239
1248
  # because @retry still exists (#commit_write is not called yet in #try_flush)
1240
1249
  # @retry should be cleared if delayed commit is enabled? Or any other solution?
1241
- state.next_clock = Process.clock_gettime(PROCESS_CLOCK_ID) + interval
1250
+ state.next_clock = Fluent::Clock.now + interval
1242
1251
  end
1243
1252
 
1244
1253
  if @dequeued_chunks_mutex.synchronize{ !@dequeued_chunks.empty? && @dequeued_chunks.first.expired? }
@@ -42,6 +42,7 @@ module Fluent
42
42
  def initialize
43
43
  super
44
44
  @store = {}
45
+ @multi_workers_available = nil
45
46
  end
46
47
 
47
48
  def configure(conf)
@@ -49,9 +50,23 @@ module Fluent
49
50
 
50
51
  @on_memory = false
51
52
  if @path
52
- # use it
53
+ if File.exist?(@path) && File.file?(@path)
54
+ @multi_workers_available = false
55
+ elsif File.exist?(@path) && File.directory?(@path)
56
+ @path = File.join(@path, "worker#{fluentd_worker_id}", "storage.json")
57
+ @multi_workers_available = true
58
+ else # path file/directory doesn't exist
59
+ if @path.end_with?('.json') # file
60
+ @multi_workers_available = false
61
+ else # directory
62
+ @path = File.join(@path, "worker#{fluentd_worker_id}", "storage.json")
63
+ @multi_workers_available = true
64
+ end
65
+ end
53
66
  elsif root_dir = owner.plugin_root_dir
54
- @path = File.join(root_dir, 'storage.json')
67
+ basename = (conf.arg && !conf.arg.empty?) ? "storage.#{conf.arg}.json" : "storage.json"
68
+ @path = File.join(root_dir, basename)
69
+ @multi_workers_available = true
55
70
  else
56
71
  if @persistent
57
72
  raise Fluent::ConfigError, "Plugin @id or path for <storage> required when 'persistent' is true"
@@ -62,6 +77,7 @@ module Fluent
62
77
  log.info "both of Plugin @id and path for <storage> are not specified. Using on-memory store."
63
78
  end
64
79
  @on_memory = true
80
+ @multi_workers_available = true
65
81
  end
66
82
  end
67
83
 
@@ -83,6 +99,13 @@ module Fluent
83
99
  end
84
100
  end
85
101
 
102
+ def multi_workers_ready?
103
+ unless @multi_workers_available
104
+ log.error "local plugin storage with multi workers should be configured to use directory 'path', or system root_dir and plugin id"
105
+ end
106
+ @multi_workers_available
107
+ end
108
+
86
109
  def load
87
110
  return if @on_memory
88
111
  return unless File.exist?(@path)
@@ -0,0 +1,159 @@
1
+ #
2
+ # Fluentd
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ #
16
+
17
+ require 'openssl'
18
+ require 'socket'
19
+
20
+ # this module is only for Socket/Server plugin helpers
21
+ module Fluent
22
+ module PluginHelper
23
+ module CertOption
24
+ def cert_option_create_context(version, insecure, ciphers, conf)
25
+ cert, key, extra = cert_option_server_validate!(conf)
26
+
27
+ ctx = OpenSSL::SSL::SSLContext.new(version)
28
+ unless insecure
29
+ # inject OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
30
+ # https://bugs.ruby-lang.org/issues/9424
31
+ ctx.set_params({})
32
+
33
+ ctx.ciphers = ciphers
34
+ end
35
+
36
+ ctx.cert = cert
37
+ ctx.key = key
38
+ if extra && !extra.empty?
39
+ ctx.extra_chain_cert = extra
40
+ end
41
+
42
+ ctx
43
+ end
44
+
45
+ def cert_option_server_validate!(conf)
46
+ case
47
+ when conf.cert_path
48
+ raise Fluent::ConfigError, "private_key_path is required when cert_path is specified" unless conf.private_key_path
49
+ raise Fluent::ConfigError, "private_key_passphrase is required when cert_path is specified" unless conf.private_key_passphrase
50
+ cert_option_load(conf.cert_path, conf.private_key_path, conf.private_key_passphrase)
51
+
52
+ when conf.ca_cert_path
53
+ raise Fluent::ConfigError, "ca_private_key_path is required when ca_cert_path is specified" unless conf.ca_private_key_path
54
+ raise Fluent::ConfigError, "ca_private_key_passphrase is required when ca_cert_path is specified" unless conf.ca_private_key_passphrase
55
+ generate_opts = cert_option_cert_generation_opts_from_conf(conf)
56
+ cert_option_generate_server_pair_by_ca(
57
+ conf.ca_cert_path,
58
+ conf.ca_private_key_path,
59
+ conf.ca_private_key_passphrase,
60
+ generate_opts
61
+ )
62
+
63
+ when conf.insecure
64
+ log.warn "insecure TLS communication server is configured (using 'insecure' mode)"
65
+ generate_opts = cert_option_cert_generation_opts_from_conf(conf)
66
+ cert_option_generate_server_pair_self_signed(generate_opts)
67
+
68
+ else
69
+ raise Fluent::ConfigError, "no valid cert options configured. specify either 'cert_path', 'ca_cert_path' or 'insecure'"
70
+ end
71
+ end
72
+
73
+ def cert_option_load(cert_path, private_key_path, private_key_passphrase)
74
+ key = OpenSSL::PKey::RSA.new(File.read(private_key_path), private_key_passphrase)
75
+ certs = cert_option_certificates_from_file(cert_path)
76
+ cert = certs.shift
77
+ return cert, key, certs
78
+ end
79
+
80
+ def cert_option_cert_generation_opts_from_conf(conf)
81
+ {
82
+ private_key_length: conf.generate_private_key_length,
83
+ country: conf.generate_cert_country,
84
+ state: conf.generate_cert_state,
85
+ locality: conf.generate_cert_locality,
86
+ common_name: conf.generate_cert_common_name || ::Socket.gethostname,
87
+ expiration: conf.generate_cert_expiration,
88
+ digest: conf.generate_cert_digest,
89
+ }
90
+ end
91
+
92
+ def cert_option_generate_pair(opts, issuer = nil)
93
+ key = OpenSSL::PKey::RSA.generate(opts[:private_key_length])
94
+
95
+ subject = OpenSSL::X509::Name.new
96
+ subject.add_entry('C', opts[:country])
97
+ subject.add_entry('ST', opts[:state])
98
+ subject.add_entry('L', opts[:locality])
99
+ subject.add_entry('CN', opts[:common_name])
100
+
101
+ issuer ||= subject
102
+
103
+ cert = OpenSSL::X509::Certificate.new
104
+ cert.not_before = Time.at(0)
105
+ cert.not_after = Time.now + opts[:expiration]
106
+ cert.public_key = key
107
+ cert.serial = 1
108
+ cert.issuer = issuer
109
+ cert.subject = subject
110
+
111
+ return cert, key
112
+ end
113
+
114
+ def cert_option_generate_ca_pair_self_signed(generate_opts)
115
+ cert, key = cert_option_generate_pair(generate_opts)
116
+
117
+ # basicConstraints: this cert is for CA or not
118
+ cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(true)]))
119
+
120
+ cert.sign(key, generate_opts[:digest].to_s)
121
+ return cert, key
122
+ end
123
+
124
+ def cert_option_generate_server_pair_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, generate_opts)
125
+ ca_key = OpenSSL::PKey::RSA.new(File.read(ca_key_path), ca_key_passphrase)
126
+ ca_cert = OpenSSL::X509::Certificate.new(File.read(ca_cert_path))
127
+ cert, key = cert_option_generate_pair(generate_opts, ca_cert.subject)
128
+ raise "BUG: certificate digest algorithm not set" unless generate_opts[:digest]
129
+
130
+ # basicConstraints: this cert is for CA or not
131
+ cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(false)]))
132
+ cert.add_extension OpenSSL::X509::Extension.new('nsCertType', 'server')
133
+
134
+ cert.sign(ca_key, generate_opts[:digest].to_s)
135
+ return cert, key, nil
136
+ end
137
+
138
+ def cert_option_generate_server_pair_self_signed(generate_opts)
139
+ cert, key = cert_option_generate_pair(generate_opts)
140
+ raise "BUG: certificate digest algorithm not set" unless generate_opts[:digest]
141
+
142
+ # basicConstraints: this cert is for CA or not
143
+ cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(false)]))
144
+ cert.add_extension OpenSSL::X509::Extension.new('nsCertType', 'server')
145
+
146
+ cert.sign(key, generate_opts[:digest].to_s)
147
+ return cert, key, nil
148
+ end
149
+
150
+ def cert_option_certificates_from_file(path)
151
+ data = File.read(path)
152
+ pattern = Regexp.compile('-+BEGIN CERTIFICATE-+\n(?:[^-]*\n)+-+END CERTIFICATE-+\n', Regexp::MULTILINE)
153
+ list = []
154
+ data.scan(pattern){|match| list << OpenSSL::X509::Certificate.new(match) }
155
+ list
156
+ end
157
+ end
158
+ end
159
+ end
@@ -16,6 +16,7 @@
16
16
 
17
17
  require 'fluent/plugin_helper/thread'
18
18
  require 'fluent/plugin_helper/timer'
19
+ require 'fluent/clock'
19
20
 
20
21
  require 'open3'
21
22
  require 'timeout'
@@ -125,7 +126,6 @@ module Fluent
125
126
  @_child_process_kill_timeout = CHILD_PROCESS_DEFAULT_KILL_TIMEOUT
126
127
  @_child_process_mutex = Mutex.new
127
128
  @_child_process_processes = {} # pid => ProcessInfo
128
- @_child_process_clock_id = Process::CLOCK_MONOTONIC_RAW rescue Process::CLOCK_MONOTONIC
129
129
  end
130
130
 
131
131
  def stop
@@ -154,8 +154,8 @@ module Fluent
154
154
  child_process_kill(process_info)
155
155
  end
156
156
 
157
- exit_wait_timeout = Process.clock_gettime(@_child_process_clock_id) + @_child_process_exit_timeout
158
- while Process.clock_gettime(@_child_process_clock_id) < exit_wait_timeout
157
+ exit_wait_timeout = Fluent::Clock.now + @_child_process_exit_timeout
158
+ while Fluent::Clock.now < exit_wait_timeout
159
159
  process_exists = false
160
160
  @_child_process_mutex.synchronize{ @_child_process_processes.keys }.each do |pid|
161
161
  unless @_child_process_processes[pid].exit_status
@@ -183,9 +183,9 @@ module Fluent
183
183
 
184
184
  living_process_exist = true
185
185
 
186
- process_info.killed_at ||= Process.clock_gettime(@_child_process_clock_id) # for illegular case (e.g., created after shutdown)
186
+ process_info.killed_at ||= Fluent::Clock.now # for illegular case (e.g., created after shutdown)
187
187
  timeout_at = process_info.killed_at + @_child_process_kill_timeout
188
- now = Process.clock_gettime(@_child_process_clock_id)
188
+ now = Fluent::Clock.now
189
189
  next if now < timeout_at
190
190
 
191
191
  child_process_kill(process_info, force: true)
@@ -207,7 +207,7 @@ module Fluent
207
207
 
208
208
  def child_process_kill(pinfo, force: false)
209
209
  return if !pinfo
210
- pinfo.killed_at = Process.clock_gettime(@_child_process_clock_id) unless force
210
+ pinfo.killed_at = Fluent::Clock.now unless force
211
211
 
212
212
  pid = pinfo.pid
213
213
  begin