itsi-scheduler 0.1.5 → 0.1.19

data/ext/itsi_server/src/server/middleware_stack/mod.rs

@@ -0,0 +1,347 @@
+mod middleware;
+mod middlewares;
+use http::header::{ACCEPT, CONTENT_TYPE, HOST};
+use itsi_rb_helpers::HeapVal;
+use magnus::{error::Result, value::ReprValue, RArray, RHash, Ruby, TryConvert, Value};
+pub use middleware::Middleware;
+pub use middlewares::*;
+use regex::{Regex, RegexSet};
+use std::{collections::HashMap, sync::Arc};
+use tracing::debug;
+
+use super::http_message_types::HttpRequest;
+
+#[derive(Debug)]
+pub struct MiddlewareSet {
+    pub route_set: RegexSet,
+    pub patterns: Vec<Arc<Regex>>,
+    pub stacks: HashMap<usize, MiddlewareStack>,
+}
+
+#[derive(Debug)]
+pub struct MiddlewareStack {
+    layers: Vec<Middleware>,
+    methods: Option<Vec<StringMatch>>,
+    protocols: Option<Vec<StringMatch>>,
+    hosts: Option<Vec<StringMatch>>,
+    extensions: Option<Vec<StringMatch>>,
+    ports: Option<Vec<StringMatch>>,
+    content_types: Option<Vec<StringMatch>>,
+    accepts: Option<Vec<StringMatch>>,
+}
+
+#[derive(Debug)]
+enum StringMatch {
+    Exact(String),
+    Wildcard(Regex),
+}
+
+impl StringMatch {
+    fn from_value(value: Value) -> Result<Self> {
+        let ruby = Ruby::get().unwrap();
+        if value.is_kind_of(ruby.class_regexp()) {
+            let src_str = value.funcall::<_, _, String>("source", ())?;
+            let regex = Regex::new(&src_str).map_err(|e| {
+                magnus::Error::new(
+                    magnus::exception::standard_error(),
+                    format!("Invalid regexp: {}", e),
+                )
+            })?;
+            Ok(StringMatch::Wildcard(regex))
+        } else {
+            Ok(StringMatch::Exact(value.to_string()))
+        }
+    }
+
+    fn matches(&self, value: &str) -> bool {
+        match self {
+            StringMatch::Exact(s) => s.eq_ignore_ascii_case(value),
+            StringMatch::Wildcard(re) => re.is_match(value),
+        }
+    }
+}
+
+impl MiddlewareStack {
+    pub fn matches(&self, request: &HttpRequest) -> bool {
+        if let Some(methods) = &self.methods {
+            let method = request.method().as_str();
+            if !methods.iter().any(|m| m.matches(method)) {
+                return false;
+            }
+        }
+
+        if let (Some(protocols), Some(protocol)) = (&self.protocols, request.uri().scheme()) {
+            if !protocols.iter().any(|p| p.matches(protocol.as_str())) {
+                return false;
+            }
+        }
+
+        if let (Some(hosts), Some(host)) = (&self.hosts, request.headers().get(HOST)) {
+            if let Ok(host) = host.to_str() {
+                if !hosts.iter().any(|d| d.matches(host)) {
+                    return false;
+                }
+            }
+        }
+
+        if let (Some(ports), Some(port)) = (&self.ports, request.uri().port()) {
+            if !ports.iter().any(|d| d.matches(port.as_str())) {
+                return false;
+            }
+        }
+
+        if let Some(extensions) = &self.extensions {
+            let path = request.uri().path();
+            let segment = path.split('/').next_back().unwrap_or("");
+            let extension = segment.split('.').next_back().unwrap_or("");
+            let extension = if segment != extension { extension } else { "" };
+            if !extensions.iter().any(|e| e.matches(extension)) {
+                return false;
+            }
+        }
+
+        if let Some(content_types) = &self.content_types {
+            if let Some(content_type) = request.headers().get(CONTENT_TYPE) {
+                if !content_types
+                    .iter()
+                    .any(|ct| ct.matches(content_type.to_str().unwrap_or("")))
+                {
+                    return false;
+                }
+            }
+        }
+
+        if let Some(accepts) = &self.accepts {
+            if let Some(accept) = request.headers().get(ACCEPT) {
+                if !accepts
+                    .iter()
+                    .any(|a| a.matches(accept.to_str().unwrap_or("")))
+                {
+                    return false;
+                }
+            }
+        }
+
+        true
+    }
+}
+
+impl MiddlewareSet {
+    pub fn new(routes_raw: Option<HeapVal>) -> Result<Self> {
+        if let Some(routes_raw) = routes_raw {
+            let mut stacks = HashMap::new();
+            let mut routes = vec![];
+            for (index, route) in RArray::from_value(*routes_raw)
+                .ok_or(magnus::Error::new(
+                    magnus::exception::standard_error(),
+                    format!("Routes must be an array. Got {:?}", routes_raw),
+                ))?
+                .into_iter()
+                .enumerate()
+            {
+                let route_hash: RHash = RHash::try_convert(route)?;
+                let route_raw = route_hash
+                    .get("route")
+                    .ok_or(magnus::Error::new(
+                        magnus::exception::standard_error(),
+                        "Route is missing :route key",
+                    ))?
+                    .funcall::<_, _, String>("source", ())?;
+                let middleware =
+                    RArray::from_value(route_hash.get("middleware").ok_or(magnus::Error::new(
+                        magnus::exception::standard_error(),
+                        "Route is missing middleware key",
+                    ))?)
+                    .ok_or(magnus::Error::new(
+                        magnus::exception::standard_error(),
+                        format!("middleware must be an array. Got {:?}", routes_raw),
+                    ))?;
+
+                let mut layers = middleware
+                    .into_iter()
+                    .map(MiddlewareSet::parse_middleware)
+                    .collect::<Result<Vec<_>>>()?;
+                routes.push(route_raw);
+                layers.sort();
+                stacks.insert(
+                    index,
+                    MiddlewareStack {
+                        layers,
+                        methods: extract_optional_match_array(route_hash, "methods")?,
+                        protocols: extract_optional_match_array(route_hash, "protocols")?,
+                        hosts: extract_optional_match_array(route_hash, "hosts")?,
+                        extensions: extract_optional_match_array(route_hash, "extensions")?,
+                        ports: extract_optional_match_array(route_hash, "ports")?,
+                        content_types: extract_optional_match_array(route_hash, "content_types")?,
+                        accepts: extract_optional_match_array(route_hash, "accepts")?,
+                    },
+                );
+            }
+            Ok(Self {
+                route_set: RegexSet::new(&routes).map_err(|e| {
+                    magnus::Error::new(
+                        magnus::exception::standard_error(),
+                        format!("Failed to create route set: {}", e),
+                    )
+                })?,
+                patterns: routes
+                    .into_iter()
+                    .map(|r| Regex::new(&r))
+                    .collect::<std::result::Result<Vec<Regex>, regex::Error>>()
+                    .map_err(|e| {
+                        magnus::Error::new(
+                            magnus::exception::standard_error(),
+                            format!("Failed to create route set: {}", e),
+                        )
+                    })?
+                    .into_iter()
+                    .map(Arc::new)
+                    .collect(),
+                stacks,
+            })
+        } else {
+            Err(magnus::Error::new(
+                magnus::exception::standard_error(),
+                "Failed to create middleware stack",
+            ))
+        }
+    }
+
+    pub fn stack_for(
+        &self,
+        request: &HttpRequest,
+    ) -> Result<(&Vec<Middleware>, Option<Arc<Regex>>)> {
+        let binding = self.route_set.matches(request.uri().path());
+        let matches = binding.iter();
+
+        debug!(
+            "Matching request URI {:?} against self.route_set: {:?}",
+            request.uri().path(),
+            self.route_set
+        );
+        for index in matches {
+            let matching_pattern = self.patterns.get(index).cloned();
+            if let Some(stack) = self.stacks.get(&index) {
+                if stack.matches(request) {
+                    return Ok((&stack.layers, matching_pattern));
+                }
+            }
+        }
+        debug!(
+            "Failed to match request URI {:?} to self.route_set: {:?}",
+            request.uri().path(),
+            self.route_set
+        );
+        Err(magnus::Error::new(
+            magnus::exception::standard_error(),
+            format!(
+                "No matching middleware stack found for request: {:?}",
+                request
+            ),
+        ))
+    }
+
+    pub fn parse_middleware(middleware: Value) -> Result<Middleware> {
+        let middleware_hash = RHash::from_value(middleware).ok_or(magnus::Error::new(
+            magnus::exception::standard_error(),
+            format!("Filter must be a hash. Got {:?}", middleware),
+        ))?;
+        let middleware_type: String = middleware_hash
+            .get("type")
+            .ok_or(magnus::Error::new(
+                magnus::exception::standard_error(),
+                format!("Filter must have a :type key. Got {:?}", middleware_hash),
+            ))?
+            .to_string();
+        let mw_type = middleware_type.clone();
+
+        let parameters: Value = middleware_hash.get("parameters").ok_or(magnus::Error::new(
+            magnus::exception::standard_error(),
+            format!(
+                "Filter must have a :parameters key. Got {:?}",
+                middleware_hash
+            ),
+        ))?;
+
+        let result = (move || -> Result<Middleware> {
+            match mw_type.as_str() {
+                "allow_list" => Ok(Middleware::AllowList(AllowList::from_value(parameters)?)),
+                "auth_basic" => Ok(Middleware::AuthBasic(AuthBasic::from_value(parameters)?)),
+                "auth_jwt" => Ok(Middleware::AuthJwt(Box::new(AuthJwt::from_value(
+                    parameters,
+                )?))),
+                "auth_api_key" => Ok(Middleware::AuthAPIKey(AuthAPIKey::from_value(parameters)?)),
+                "cache_control" => Ok(Middleware::CacheControl(CacheControl::from_value(
+                    parameters,
+                )?)),
+                "deny_list" => Ok(Middleware::DenyList(DenyList::from_value(parameters)?)),
+                "etag" => Ok(Middleware::ETag(ETag::from_value(parameters)?)),
+                "intrusion_protection" => Ok({
+                    Middleware::IntrusionProtection(IntrusionProtection::from_value(parameters)?)
+                }),
+                "max_body" => Ok(Middleware::MaxBody(MaxBody::from_value(parameters)?)),
+                "rate_limit" => Ok(Middleware::RateLimit(RateLimit::from_value(parameters)?)),
+                "cors" => Ok(Middleware::Cors(Box::new(Cors::from_value(parameters)?))),
+                "request_headers" => Ok(Middleware::RequestHeaders(RequestHeaders::from_value(
+                    parameters,
+                )?)),
+                "response_headers" => Ok(Middleware::ResponseHeaders(ResponseHeaders::from_value(
+                    parameters,
+                )?)),
+                "static_assets" => Ok(Middleware::StaticAssets(StaticAssets::from_value(
+                    parameters,
+                )?)),
+                "static_response" => Ok(Middleware::StaticResponse(StaticResponse::from_value(
+                    parameters,
+                )?)),
+                "compression" => Ok(Middleware::Compression(Compression::from_value(
+                    parameters,
+                )?)),
+                "log_requests" => Ok(Middleware::LogRequests(LogRequests::from_value(
+                    parameters,
+                )?)),
+                "redirect" => Ok(Middleware::Redirect(Redirect::from_value(parameters)?)),
+                "app" => Ok(Middleware::RubyApp(RubyApp::from_value(parameters.into())?)),
+                "proxy" => Ok(Middleware::Proxy(Proxy::from_value(parameters)?)),
+                _ => Err(magnus::Error::new(
+                    magnus::exception::standard_error(),
+                    format!("Unknown filter type: {}", mw_type),
+                )),
+            }
+        })();
+
+        match result {
+            Ok(result) => Ok(result),
+            Err(err) => Err(magnus::Error::new(
+                magnus::exception::standard_error(),
+                format!(
+                    "Failed to instantiate middleware of type {}, due to {}",
+                    middleware_type, err
+                ),
+            )),
+        }
+    }
+
+    pub async fn initialize_layers(&self) -> Result<()> {
+        for stack in self.stacks.values() {
+            for middleware in &stack.layers {
+                middleware.initialize().await?;
+            }
+        }
+        Ok(())
+    }
+}
+
+fn extract_optional_match_array(route_hash: RHash, arg: &str) -> Result<Option<Vec<StringMatch>>> {
+    let rarray = route_hash.aref::<_, Option<RArray>>(arg)?;
+    if let Some(array) = rarray {
+        Ok(Some(
+            array
+                .into_iter()
+                .map(StringMatch::from_value)
+                .collect::<Result<Vec<StringMatch>>>()?,
+        ))
+    } else {
+        Ok(None)
+    }
+}

data/ext/itsi_server/src/server/mod.rs

@@ -1,11 +1,12 @@
-pub mod bind;
-pub mod bind_protocol;
+pub mod binds;
+pub mod byte_frame;
+pub mod http_message_types;
 pub mod io_stream;
-pub mod itsi_server;
 pub mod lifecycle_event;
-pub mod listener;
+pub mod middleware_stack;
 pub mod process_worker;
+pub mod request_job;
 pub mod serve_strategy;
 pub mod signal;
+pub mod size_limited_incoming;
 pub mod thread_worker;
-pub mod tls;

data/ext/itsi_server/src/server/process_worker.rs

@@ -1,4 +1,5 @@
 use super::serve_strategy::{cluster_mode::ClusterMode, single_mode::SingleMode};
+use core_affinity::CoreId;
 use itsi_error::{ItsiError, Result};
 use itsi_rb_helpers::{call_with_gvl, call_without_gvl, create_ruby_thread, fork};
 use itsi_tracing::error;
@@ -7,7 +8,7 @@ use nix::{
     sys::{
         signal::{
             kill,
-            Signal::{SIGKILL, SIGTERM},
+            Signal::{SIGKILL, SIGTERM, SIGUSR2},
         },
         wait::{waitpid, WaitPidFlag, WaitStatus},
     },
@@ -16,7 +17,7 @@ use nix::{
 use parking_lot::Mutex;
 use std::{
     process::{self, exit},
-    sync::Arc,
+    sync::{Arc, LazyLock},
     time::{Duration, Instant},
 };
 use sysinfo::System;
@@ -41,6 +42,8 @@ impl Default for ProcessWorker {
     }
 }
 
+static CORE_IDS: LazyLock<Vec<CoreId>> = LazyLock::new(|| core_affinity::get_core_ids().unwrap());
+
 impl ProcessWorker {
     #[instrument(skip(self, cluster_template), fields(self.worker_id = %self.worker_id))]
     pub(crate) fn boot(&self, cluster_template: Arc<ClusterMode>) -> Result<()> {
@@ -54,7 +57,17 @@ impl ProcessWorker {
             *self.child_pid.lock() = None;
         }
 
-        match call_with_gvl(|_ruby| fork(cluster_template.server.after_fork.lock().clone())) {
+        match call_with_gvl(|_ruby| {
+            fork(
+                cluster_template
+                    .server_config
+                    .server_params
+                    .read()
+                    .hooks
+                    .get("after_fork")
+                    .cloned(),
+            )
+        }) {
             Some(pid) => {
                 *self.child_pid.lock() = Some(Pid::from_raw(pid));
             }
@@ -65,12 +78,18 @@ impl ProcessWorker {
                 ) {
                     error!("Failed to set process group ID: {}", e);
                 }
-                match SingleMode::new(
-                    cluster_template.server.clone(),
-                    cluster_template.listeners.clone(),
-                    cluster_template.lifecycle_channel.clone(),
-                ) {
+                match SingleMode::new(cluster_template.server_config.clone()) {
                     Ok(single_mode) => {
+                        if cluster_template
+                            .server_config
+                            .server_params
+                            .read()
+                            .pin_worker_cores
+                        {
+                            core_affinity::set_for_current(
+                                CORE_IDS[self.worker_id % CORE_IDS.len()],
+                            );
+                        }
                         Arc::new(single_mode).run().ok();
                     }
                     Err(e) => {
@@ -83,6 +102,13 @@ impl ProcessWorker {
         Ok(())
     }
 
+    pub fn pid(&self) -> i32 {
+        if let Some(pid) = *self.child_pid.lock() {
+            return pid.as_raw();
+        }
+        0
+    }
+
     pub(crate) fn memory_usage(&self) -> Option<u64> {
         if let Some(pid) = *self.child_pid.lock() {
             let s = System::new_all();
@@ -122,8 +148,14 @@ impl ProcessWorker {
     pub(crate) async fn graceful_shutdown(&self, cluster_template: Arc<ClusterMode>) {
         let self_clone = self.clone();
         self_clone.request_shutdown();
-        let force_kill_time =
-            Instant::now() + Duration::from_secs_f64(cluster_template.server.shutdown_timeout);
+        let force_kill_time = Instant::now()
+            + Duration::from_secs_f64(
+                cluster_template
+                    .server_config
+                    .server_params
+                    .read()
+                    .shutdown_timeout,
+            );
         while self_clone.is_alive() && force_kill_time > Instant::now() {
             tokio::time::sleep(Duration::from_millis(100)).await;
         }
@@ -155,8 +187,12 @@ impl ProcessWorker {
     pub(crate) fn request_shutdown(&self) {
         let child_pid = *self.child_pid.lock();
         if let Some(pid) = child_pid {
-            if let Err(e) = kill(pid, SIGTERM) {
-                error!("Failed to send SIGTERM to process {}: {}", pid, e);
+            if self.is_alive() {
+                if let Err(e) = kill(pid, SIGTERM) {
+                    error!("Failed to send SIGTERM to process {}: {}", pid, e);
+                }
+            } else {
+                error!("Trying to shutdown a dead process");
             }
         }
     }
@@ -164,10 +200,25 @@ impl ProcessWorker {
     pub(crate) fn force_kill(&self) {
         let child_pid = *self.child_pid.lock();
         if let Some(pid) = child_pid {
-            if let Err(e) = kill(pid, SIGKILL) {
-                error!("Failed to force kill process {}: {}", pid, e);
+            if self.is_alive() {
+                info!("Worker still alive, sending SIGKILL {}", pid);
+                if let Err(e) = kill(pid, SIGKILL) {
+                    error!("Failed to force kill process {}: {}", pid, e);
+                }
+            }
+        }
+    }
+
+    pub fn print_info(&self) -> Result<()> {
+        let child_pid = *self.child_pid.lock();
+        if let Some(pid) = child_pid {
+            println!("Worker {:?}, PID: {:?}", self.worker_id, pid);
+            if let Err(e) = kill(pid, SIGUSR2) {
+                error!("Failed to send SIGUSR2 to process {}: {}", pid, e);
             }
         }
+
+        Ok(())
     }
 
     pub(crate) fn just_started(&self) -> bool {

data/ext/itsi_server/src/server/request_job.rs

@@ -0,0 +1,11 @@
+use crate::ruby_types::{itsi_grpc_call::ItsiGrpcCall, itsi_http_request::ItsiHttpRequest};
+use itsi_rb_helpers::HeapValue;
+use magnus::block::Proc;
+use std::sync::Arc;
+
+#[derive(Debug)]
+pub enum RequestJob {
+    ProcessHttpRequest(ItsiHttpRequest, Arc<HeapValue<Proc>>),
+    ProcessGrpcRequest(ItsiGrpcCall, Arc<HeapValue<Proc>>),
+    Shutdown,
+}