puma 5.1.1 → 5.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a6a1bfd1d41d66c8aef6c52a2a043a0e537a1ddb51e20c778bb2da023d9a964
-  data.tar.gz: d256171ae36d0c5d1646ecbea4476df3e1bf7fbba5415c6ca6672eacbc5bd995
+  metadata.gz: bcabc9a852bfbed380445b6649ee9e27a2e4741994a27b579e5c4fe94ab6e282
+  data.tar.gz: 00ae9ffe82807c9419afaaf955af384f2c87b07914ab36e32c060a83df4075e9
 SHA512:
-  metadata.gz: 9d6e9dfa206d98785ff62d7c03cd5193d5745918d684bf2a7d78027294ae345eb34d32d819ffda08ba34629cda589b0138faf1fdc91606a0cbab352615c859f3
-  data.tar.gz: 6775ccd4eaf9abdda6191c07b7d668588b813dbc96b71496b98cb0ee2ffefb94dd3db068159d8a2c746e5bcc4e4456fa6c4f12c721b66f6c5bed13b9e19718e2
+  metadata.gz: 6a6d4ca8d9ffeea284756f5cc6418b0d6649e360ab5b76bec8db8a6bd6d5cf059957725f3ac50949fd15bc1e54f31c6f50b1b5073cef6814dfca042d84cc04e6
+  data.tar.gz: f5ad303fd4d4d3256fa0b20a0d608c2cfdea87901c8c56407420078cac5cd69591a686d12153865855532d0702122d34c80bf60ae4aed1f5ec081d20d3414f7e

data/History.md

@@ -1,8 +1,77 @@
+## 5.3.1 / 2021-05-11
+
+* Security
+  * Close keepalive connections after the maximum number of fast inlined requests (#2625)
+
+## 5.3.0 / 2021-05-07
+
+* Features
+  * Add support for Linux's abstract sockets ([#2564], [#2526])
+  * Add debug to worker timeout and startup ([#2559], [#2528])
+  * Print warning when running one-worker cluster ([#2565], [#2534])
+  * Don't close systemd activated socket on pumactl restart ([#2563], [#2504])
+
+* Bugfixes
+  * systemd - fix event firing ([#2591], [#2572])
+  * Immediately unlink temporary files ([#2613])
+  * Improve parsing of HTTP_HOST header ([#2605], [#2584])
+  * Handle fatal error that has no backtrace ([#2607], [#2552])
+  * Fix timing out requests too early ([#2606], [#2574])
+  * Handle segfault in Ruby 2.6.6 on thread-locals ([#2567], [#2566])
+  * Server#closed_socket? - parameter may be a MiniSSL::Socket ([#2596])
+  * Define UNPACK_TCP_STATE_FROM_TCP_INFO in the right place ([#2588], [#2556])
+  * request.rb - fix chunked assembly for ascii incompatible encodings, add test ([#2585], [#2583])
+
+* Performance
+  * Reset peerip only if remote_addr_header is set ([#2609])
+  * Reduce puma_parser struct size ([#2590])
+
+* Refactor
+  * Refactor drain on shutdown ([#2600])
+  * Micro optimisations in `wait_for_less_busy_worker` feature ([#2579])
+  * Lots of test fixes
+
+## 5.2.2 / 2021-02-22
+
+* Bugfixes
+  * Add `#flush` and `#sync` methods to `Puma::NullIO`  ([#2553])
+  * Restore `sync=true` on `STDOUT` and `STDERR` streams ([#2557])
+
+## 5.2.1 / 2021-02-05
+
+* Bugfixes
+  * Fix TCP cork/uncork operations to work with ssl clients ([#2550])
+  * Require rack/common_logger explicitly if :verbose is true ([#2547])
+  * MiniSSL::Socket#write - use data.byteslice(wrote..-1) ([#2543])
+  * Set `@env[CONTENT_LENGTH]` value as string. ([#2549])
+
+## 5.2.0 / 2021-01-27
+
+* Features
+  * 10x latency improvement for MRI on ssl connections by reducing overhead ([#2519])
+  * Add option to specify the desired IO selector backend for libev ([#2522])
+  * Add ability to set OpenSSL verification flags (MRI only) ([#2490])
+  * Uses `flush` after writing messages to avoid mutating $stdout and $stderr using `sync=true` ([#2486])
+
+* Bugfixes
+  * MiniSSL - Update dhparam to 2048 bit for use with SSL_CTX_set_tmp_dh ([#2535])
+  * Change 'Goodbye!' message to be output after listeners are closed ([#2529])
+  * Fix ssl bind logging with 0.0.0.0 and localhost ([#2533])
+  * Fix compiler warnings, but skipped warnings related to ragel state machine generated code ([#1953])
+  * Fix phased restart errors related to nio4r gem when using the Puma control server ([#2516])
+  * Add `#string` method to `Puma::NullIO` ([#2520])
+  * Fix binding via Rack handler to IPv6 addresses ([#2521])
+
+* Refactor
+  * Refactor MiniSSL::Context on MRI, fix MiniSSL::Socket#write ([#2519])
+  * Remove `Server#read_body` ([#2531])
+  * Fail build if compiling extensions raises warnings on GH Actions, configurable via `MAKE_WARNINGS_INTO_ERRORS` ([#1953])
+
 ## 5.1.1 / 2020-12-10
 
-* Bugfixes 
+* Bugfixes
   * Fix over eager matching against banned header names ([#2510])
-  
+
 ## 5.1.0 / 2020-11-30
 
 * Features
@@ -98,7 +167,7 @@
   * Daemonization has been removed without replacement. ([#2170])
   * Changed #connected_port to #connected_ports ([#2076])
   * Configuration: `environment` is read from `RAILS_ENV`, if `RACK_ENV` can't be found ([#2022])
-  * Log binding on http:// for TCP bindings to make it clickable
+  * Log binding on http:// for TCP bindings to make it clickable  ([#2300])
 
 * Bugfixes
   * Fix JSON loading issues on phased-restarts ([#2269])
@@ -144,17 +213,22 @@
   * Support parallel tests in verbose progress reporting ([#2223])
   * Refactor error handling in server accept loop ([#2239])
 
-## 4.3.6 / 2020-09-05
+## 4.3.8 / 2021-05-11
 
-* Bugfixes
-  * Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 ([#2304])
-  * Don't require json at boot ([#2269])
+* Security
+  * Close keepalive connections after the maximum number of fast inlined requests (#2625)
 
 ## 4.3.7 / 2020-11-30
 
 * Bugfixes
   * Backport set CONTENT_LENGTH for chunked requests (Originally: [#2287], backport: [#2496])
 
+## 4.3.6 / 2020-09-05
+
+* Bugfixes
+  * Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 ([#2304])
+  * Don't require json at boot ([#2269])
+
 ## 4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22
 
 Each patchlevel release contains a separate security fix. We recommend simply upgrading to 4.3.5/3.12.6.
@@ -1672,7 +1746,53 @@ be added back in a future date when a java Puma::MiniSSL is added.
 * Bugfixes
   * Your bugfix goes here <Most recent on the top, like GitHub> (#Github Number)
 
-[#2510]:https://github.com/puma/puma/pull/2510     "PR by @micke"
+[#2564]:https://github.com/puma/puma/pull/2564     "PR by @MSP-Greg, merged 2021-04-24"
+[#2526]:https://github.com/puma/puma/issues/2526   "Issue by @nerdrew, closed 2021-04-24"
+[#2559]:https://github.com/puma/puma/pull/2559     "PR by @ylecuyer, merged 2021-03-11"
+[#2528]:https://github.com/puma/puma/issues/2528   "Issue by @cjlarose, closed 2021-03-11"
+[#2565]:https://github.com/puma/puma/pull/2565     "PR by @CGA1123, merged 2021-03-09"
+[#2534]:https://github.com/puma/puma/issues/2534   "Issue by @nateberkopec, closed 2021-03-09"
+[#2563]:https://github.com/puma/puma/pull/2563     "PR by @MSP-Greg, merged 2021-03-06"
+[#2504]:https://github.com/puma/puma/issues/2504   "Issue by @fsateler, closed 2021-03-06"
+[#2591]:https://github.com/puma/puma/pull/2591     "PR by @MSP-Greg, merged 2021-05-05"
+[#2572]:https://github.com/puma/puma/issues/2572   "Issue by @josefbilendo, closed 2021-05-05"
+[#2613]:https://github.com/puma/puma/pull/2613     "PR by @smcgivern, merged 2021-04-27"
+[#2605]:https://github.com/puma/puma/pull/2605     "PR by @pascalbetz, merged 2021-04-26"
+[#2584]:https://github.com/puma/puma/issues/2584   "Issue by @kaorihinata, closed 2021-04-26"
+[#2607]:https://github.com/puma/puma/pull/2607     "PR by @calvinxiao, merged 2021-04-23"
+[#2552]:https://github.com/puma/puma/issues/2552   "Issue by @feliperaul, opened 2021-02-09"
+[#2606]:https://github.com/puma/puma/pull/2606     "PR by @wjordan, merged 2021-04-20"
+[#2574]:https://github.com/puma/puma/issues/2574   "Issue by @darkhelmet, closed 2021-04-20"
+[#2567]:https://github.com/puma/puma/pull/2567     "PR by @kddeisz, merged 2021-04-19"
+[#2566]:https://github.com/puma/puma/issues/2566   "Issue by @kddeisz, closed 2021-04-19"
+[#2596]:https://github.com/puma/puma/pull/2596     "PR by @MSP-Greg, merged 2021-04-18"
+[#2588]:https://github.com/puma/puma/pull/2588     "PR by @dentarg, merged 2021-04-02"
+[#2556]:https://github.com/puma/puma/issues/2556   "Issue by @gamecreature, closed 2021-04-02"
+[#2585]:https://github.com/puma/puma/pull/2585     "PR by @MSP-Greg, merged 2021-03-26"
+[#2583]:https://github.com/puma/puma/issues/2583   "Issue by @jboler, closed 2021-03-26"
+[#2609]:https://github.com/puma/puma/pull/2609     "PR by @calvinxiao, merged 2021-04-26"
+[#2590]:https://github.com/puma/puma/pull/2590     "PR by @calvinxiao, merged 2021-04-05"
+[#2600]:https://github.com/puma/puma/pull/2600     "PR by @wjordan, merged 2021-04-30"
+[#2579]:https://github.com/puma/puma/pull/2579     "PR by @ghiculescu, merged 2021-03-17"
+[#2553]:https://github.com/puma/puma/pull/2553     "PR by @olivierbellone, merged 2021-02-10"
+[#2557]:https://github.com/puma/puma/pull/2557     "PR by @cjlarose, merged 2021-02-22"
+[#2550]:https://github.com/puma/puma/pull/2550     "PR by @MSP-Greg, merged 2021-02-05"
+[#2547]:https://github.com/puma/puma/pull/2547     "PR by @wildmaples, merged 2021-02-03"
+[#2543]:https://github.com/puma/puma/pull/2543     "PR by @MSP-Greg, merged 2021-02-01"
+[#2549]:https://github.com/puma/puma/pull/2549     "PR by @nmb, merged 2021-02-04"
+[#2519]:https://github.com/puma/puma/pull/2519     "PR by @MSP-Greg, merged 2021-01-26"
+[#2522]:https://github.com/puma/puma/pull/2522     "PR by @jcmfernandes, merged 2021-01-12"
+[#2490]:https://github.com/puma/puma/pull/2490     "PR by @Bonias, merged 2020-12-07"
+[#2486]:https://github.com/puma/puma/pull/2486     "PR by @ccverak, merged 2020-12-02"
+[#2535]:https://github.com/puma/puma/pull/2535     "PR by @MSP-Greg, merged 2021-01-27"
+[#2529]:https://github.com/puma/puma/pull/2529     "PR by @MSP-Greg, merged 2021-01-24"
+[#2533]:https://github.com/puma/puma/pull/2533     "PR by @MSP-Greg, merged 2021-01-24"
+[#1953]:https://github.com/puma/puma/issues/1953   "Issue by @nateberkopec, closed 2020-12-01"
+[#2516]:https://github.com/puma/puma/pull/2516     "PR by @cjlarose, merged 2020-12-17"
+[#2520]:https://github.com/puma/puma/pull/2520     "PR by @dentarg, merged 2021-01-04"
+[#2521]:https://github.com/puma/puma/pull/2521     "PR by @ojab, merged 2021-01-04"
+[#2531]:https://github.com/puma/puma/pull/2531     "PR by @wjordan, merged 2021-01-19"
+[#2510]:https://github.com/puma/puma/pull/2510     "PR by @micke, merged 2020-12-10"
 [#2472]:https://github.com/puma/puma/pull/2472     "PR by @ccverak, merged 2020-11-02"
 [#2438]:https://github.com/puma/puma/pull/2438     "PR by @ekohl, merged 2020-10-26"
 [#2406]:https://github.com/puma/puma/pull/2406     "PR by @fdel15, merged 2020-10-19"
@@ -1736,6 +1856,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
 [#2170]:https://github.com/puma/puma/pull/2170     "PR by @nateberkopec, merged 2020-03-10"
 [#2076]:https://github.com/puma/puma/pull/2076     "PR by @drews256, merged 2020-02-27"
 [#2022]:https://github.com/puma/puma/pull/2022     "PR by @olleolleolle, merged 2019-11-11"
+[#2300]:https://github.com/puma/puma/pull/2300     "PR by @alexeevit, merged 2020-07-06"
 [#2269]:https://github.com/puma/puma/pull/2269     "PR by @MSP-Greg, merged 2020-08-31"
 [#2312]:https://github.com/puma/puma/pull/2312     "PR by @MSP-Greg, merged 2020-07-20"
 [#2338]:https://github.com/puma/puma/issues/2338   "Issue by @micahhainlinestitchfix, closed 2020-08-18"
@@ -1771,8 +1892,8 @@ be added back in a future date when a java Puma::MiniSSL is added.
 [#2124]:https://github.com/puma/puma/pull/2124     "PR by @wjordan, merged 2020-04-14"
 [#2223]:https://github.com/puma/puma/pull/2223     "PR by @wjordan, merged 2020-04-20"
 [#2239]:https://github.com/puma/puma/pull/2239     "PR by @wjordan, merged 2020-05-15"
-[#2304]:https://github.com/puma/puma/issues/2304   "Issue by @mpeltomaa, closed 2020-09-05"
 [#2496]:https://github.com/puma/puma/pull/2496     "PR by @TheRusskiy, merged 2020-11-30"
+[#2304]:https://github.com/puma/puma/issues/2304   "Issue by @mpeltomaa, closed 2020-09-05"
 [#2132]:https://github.com/puma/puma/issues/2132   "Issue by @bmclean, closed 2020-02-28"
 [#2010]:https://github.com/puma/puma/pull/2010     "PR by @nateberkopec, merged 2019-10-07"
 [#2012]:https://github.com/puma/puma/pull/2012     "PR by @headius, merged 2019-10-07"
@@ -2119,7 +2240,7 @@ be added back in a future date when a java Puma::MiniSSL is added.
 [#646]:https://github.com/puma/puma/pull/646       "PR by @mkonecny, merged 2015-02-05"
 [#630]:https://github.com/puma/puma/issues/630     "Issue by @jelmd, closed 2015-01-20"
 [#622]:https://github.com/puma/puma/issues/622     "Issue by @sabamotto, closed 2015-01-20"
-[#583]:https://github.com/puma/puma/issues/583     "Issue by @emq, closed 2015-01-20"
+[#583]:https://github.com/puma/puma/issues/583     "Issue by @rwojsznis, closed 2015-01-20"
 [#586]:https://github.com/puma/puma/issues/586     "Issue by @ponchik, closed 2015-01-20"
 [#359]:https://github.com/puma/puma/issues/359     "Issue by @natew, closed 2014-12-13"
 [#633]:https://github.com/puma/puma/issues/633     "Issue by @joevandyk, closed 2015-01-20"

data/README.md

@@ -16,7 +16,7 @@ Puma is a **simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server
 
 Puma processes requests using a C-optimized Ragel extension (inherited from Mongrel) that provides fast, accurate HTTP 1.1 protocol parsing in a portable way. Puma then serves the request using a thread pool. Each request is served in a separate thread, so truly concurrent Ruby implementations (JRuby, Rubinius) will use all available CPU cores.
 
-Puma was designed to be the go-to server for [Rubinius](https://rubinius.com), but also works well with JRuby and MRI.
+Originally designed as a server for [Rubinius](https://github.com/rubinius/rubinius), Puma also works well with Ruby (MRI) and JRuby.
 
 On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel.
 
@@ -212,6 +212,23 @@ Disable TLS v1 with the `no_tlsv1` option:
 $ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&no_tlsv1=true'
 ```
 
+#### Controlling OpenSSL Verification Flags
+
+To enable verification flags offered by OpenSSL, use `verification_flags` (not available for JRuby):
+
+```
+$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&verification_flags=PARTIAL_CHAIN'
+```
+
+You can also set multiple verification flags (by separating them with coma):
+
+```
+$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&verification_flags=PARTIAL_CHAIN,CRL_CHECK'
+```
+
+List of available flags: `USE_CHECK_TIME`, `CRL_CHECK`, `CRL_CHECK_ALL`, `IGNORE_CRITICAL`, `X509_STRICT`, `ALLOW_PROXY_CERTS`, `POLICY_CHECK`, `EXPLICIT_POLICY`, `INHIBIT_ANY`, `INHIBIT_MAP`, `NOTIFY_POLICY`, `EXTENDED_CRL_SUPPORT`, `USE_DELTAS`, `CHECK_SS_SIGNATURE`, `TRUSTED_FIRST`, `SUITEB_128_LOS_ONLY`, `SUITEB_192_LOS`, `SUITEB_128_LOS`, `PARTIAL_CHAIN`, `NO_ALT_CHAINS`, `NO_CHECK_TIME`
+(see https://www.openssl.org/docs/manmaster/man3/X509_VERIFY_PARAM_set_hostflags.html#VERIFICATION-FLAGS).
+
 ### Control/Status Server
 
 Puma has a built-in status and control app that can be used to query and control Puma.
@@ -238,7 +255,7 @@ You can also provide a configuration file with the `-C` (or `--config`) flag:
 $ puma -C /path/to/config
 ```
 
-If no configuration file is specified, Puma will look for a configuration file at `config/puma.rb`. If an environment is specified, either via the `-e` and `--environment` flags, or through the `RACK_ENV` or the `RAILS_ENV` environment variables, Puma looks for configuration at `config/puma/<environment_name>.rb`.
+If no configuration file is specified, Puma will look for a configuration file at `config/puma.rb`. If an environment is specified, either via the `-e` and `--environment` flags, or through the `RACK_ENV` or the `RAILS_ENV` environment variables, Puma first looks for configuration at `config/puma/<environment_name>.rb`, and then falls back to `config/puma.rb`.
 
 If you want to prevent Puma from looking for a configuration file in those locations, provide a dash as the argument to the `-C` (or `--config`) flag:
 
@@ -266,6 +283,7 @@ Some platforms do not support all Puma features.
 
   * **JRuby**, **Windows**: server sockets are not seamless on restart, they must be closed and reopened. These platforms have no way to pass descriptors into a new process that is exposed to Ruby. Also, cluster mode is not supported due to a lack of fork(2).
   * **Windows**: Cluster mode is not supported due to a lack of fork(2).
+  * **Kubernetes**: The way Kubernetes handles pod shutdowns interacts poorly with server processes implementing graceful shutdown, like Puma. See the [kubernetes section of the documentation](docs/kubernetes.md) for more details.
 
 ## Known Bugs
 
@@ -291,6 +309,10 @@ reliability in production environments:
 * [rc.d](docs/jungle/rc.d/README.md)
 * [systemd](docs/systemd.md)
 
+Community guides: 
+
+* [Deploying Puma on OpenBSD using relayd and httpd](https://gist.github.com/anon987654321/4532cf8d6c59c1f43ec8973faa031103)
+
 ## Community Extensions
 
 ### Plugins

data/docs/architecture.md

@@ -4,34 +4,38 @@
 
 ![https://bit.ly/2iJuFky](images/puma-general-arch.png)
 
-Puma is a threaded web server, processing requests across a TCP or UNIX socket.
+Puma is a threaded Ruby HTTP application server, processing requests across a TCP or UNIX socket.
 
-Workers accept connections from the socket and a thread in the worker's thread pool processes the client's request.
 
-Clustered mode is shown/discussed here. Single mode is analogous to having a single worker process.
+Puma processes (there can be one or many) accept connections from the socket via a thread (in the [`Reactor`](../lib/puma/reactor.rb) class). The connection, once fully buffered and read, moves in to the `todo` list, where it will be picked up by a free/waiting thread in the threadpool (the [`ThreadPool`](../lib/puma/thread_pool.rb) class).
 
-## Connection pipeline
+Puma works in two main modes: cluster and single. In single mode, only one Puma process is booted. In cluster mode, a `master` process is booted, which prepares (and may boot) the application, and then uses the `fork()` system call to create 1 or more `child` processes. These `child` processes all listen to the same socket. The `master` process does not listen to the socket or process requests - its purpose is mostly to manage and listen for UNIX signals and possibly kill or boot `child` processes.
+
+We sometimes call `child` processes (or Puma processes in `single` mode) _workers_, and we sometimes call the threads created by Puma's [`ThreadPool`](../lib/puma/thread_pool.rb)  _worker threads_.
+
+## How Requests Work
 
 ![https://bit.ly/2zwzhEK](images/puma-connection-flow.png)
 
 * Upon startup, Puma listens on a TCP or UNIX socket.
-  * The backlog of this socket is configured (with a default of 1024), determining how many established but unaccepted connections can exist concurrently.
-  * This socket backlog is distinct from the "backlog" of work as reported by the control server stats. The latter is the number of connections in that worker's "todo" set waiting for a worker thread.
-* By default, a single, separate thread is used to receive HTTP requests across the socket.
-  * When at least one worker thread is available for work, a connection is accepted and placed in this request buffer
-  * This thread waits for entire HTTP requests to be received over the connection
-    * The time spent waiting for the HTTP request body to be received is exposed to the Rack app as `env['puma.request_body_wait']` (milliseconds)
-  * Once received, the connection is pushed into the "todo" set
-* Worker threads pop work off the "todo" set for processing
-  * The thread processes the request via the rack application (which generates the HTTP response)
-  * The thread writes the response to the connection
-  * Finally, the thread become available to process another connection in the "todo" set
-
-### Disabling `queue_requests`
+  * The backlog of this socket is configured (with a default of 1024). This determines the size of the queue for unaccepted connections. Generally, this setting is unimportant and will never be hit in production use. If the backlog is full, the connection will be refused by the operating system.
+  * This socket backlog is distinct from the `backlog` of work as reported by `Puma.stats` or the control server. The backlog as reported by Puma is the number of connections in the process' `todo` set waiting for a thread from the [`ThreadPool`](../lib/puma/thread_pool.rb).
+* By default, a single, separate thread (created by the [`Reactor`](../lib/puma/reactor.rb) class) is used to read and buffer requests from the socket.
+  * When at least one worker thread is available for work, the reactor thread listens to the socket and accepts a request, if one is waiting.
+  * The reactor thread waits for the entire HTTP request to be received.
+    * The time spent waiting for the HTTP request body to be received is exposed to the Rack app as `env['puma.request_body_wait']` (milliseconds).
+  * Once fully buffered and received, the connection is pushed into the "todo" set.
+* Worker threads pop work off the "todo" set for processing.
+  * The worker thread processes the request via `call`ing the configured Rack application. The Rack application generates the HTTP response.
+  * The worker thread writes the response to the connection. Note that while Puma buffers requests via a separate thread, it does not use a separate thread for responses.
+  * Once done, the thread become available to process another connection in the "todo" set.
+
+### `queue_requests`
 
 ![https://bit.ly/2zxCJ1Z](images/puma-connection-flow-no-reactor.png)
 
-The `queue_requests` option is `true` by default, enabling the separate thread used to buffer requests as described above.
+The `queue_requests` option is `true` by default, enabling the separate reactor thread used to buffer requests as described above.
 
 If set to `false`, this buffer will not be used for connections while waiting for the request to arrive.
+
 In this mode, when a connection is accepted, it is added to the "todo" queue immediately, and a worker will synchronously do any waiting necessary to read the HTTP request from the socket.

data/docs/compile_options.md

@@ -1,19 +1,19 @@
 # Compile Options
 
-There provide some `cflags` to change Puma's default configuration for C.
+There are some `cflags` provided to change Puma's default configuration for its C extension.
 
-## Query String
+## Query String, `PUMA_QUERY_STRING_MAX_LENGTH`
 
-By default, the max length of `QUERY_STRING` is `1024 * 10`. But you may want to adjust it to allow accept large queries in the GET requests.
+By default, the max length of `QUERY_STRING` is `1024 * 10`. But you may want to adjust it to allow accept larger queries in GET requests.
 
-For manual install
+For manual install, pass the `PUMA_QUERY_STRING_MAX_LENGTH` option like this:
 
 ```
 gem install puma -- --with-cflags="-D PUMA_QUERY_STRING_MAX_LENGTH=64000"
 ```
 
-For bundler config
+For Bundler, use its configuration system:
 
 ```
-bundle config build.puma --with-cflags="-D PUMA_QUERY_STRING_MAX_LENGTH=64000"
+bundle config build.puma "--with-cflags='-D PUMA_QUERY_STRING_MAX_LENGTH=64000'"
 ```

data/docs/deployment.md

@@ -16,7 +16,7 @@ Welcome back!
 
 ## Single vs Cluster mode
 
-Puma was originally conceived as a thread-only webserver, but grew the ability to
+Puma was originally conceived as a thread-only web server, but grew the ability to
 also use processes in version 2.
 
 To run `puma` in single mode (e.g. for a development environment) you will need to
@@ -29,7 +29,7 @@ Here are some rules of thumb for cluster mode:
 * Use cluster mode and set the number of workers to 1.5x the number of cpu cores
   in the machine, minimum 2.
 * Set the number of threads to desired concurrent requests / number of workers.
-  Puma defaults to 16 and that's a decent number.
+  Puma defaults to 5 and that's a decent number.
 
 #### Migrating from Unicorn
 

data/docs/jungle/rc.d/README.md

@@ -1,6 +1,6 @@
 # Puma as a service using rc.d
 
-Manage multilpe Puma servers as services on one box using FreeBSD's rc.d service.
+Manage multiple Puma servers as services on one box using FreeBSD's rc.d service.
 
 ## Dependencies
 

data/docs/kubernetes.md

@@ -0,0 +1,66 @@
+# Kubernetes
+
+## Running Puma in Kubernetes
+
+In general running Puma in Kubernetes works as-is, no special configuration is needed beyond what you would write anyway to get a new Kubernetes Deployment going. There is one known interaction between the way Kubernetes handles pod termination and how Puma handles `SIGINT`, where some request might be sent to Puma after it has already entered graceful shutdown mode and is no longer accepting requests. This can lead to dropped requests during rolling deploys. A workaround for this is listed at the end of this article.
+
+## Basic setup
+
+Assuming you already have a running cluster and docker image repository, you can run a simple Puma app with the following example Dockerfile and Deployment specification. These are meant as examples only and are deliberately very minimal to the point of skipping many options that are recommended for running in production, like healthchecks and envvar configuration with ConfigMaps. In general you should check the [Kubernetes documentation](https://kubernetes.io/docs/home/) and [Docker documentation](https://docs.docker.com/) for a more comprehensive overview of the available options.
+
+A basic Dockerfile example: 
+```
+FROM ruby:2.5.1-alpine # can be updated to newer ruby versions
+RUN apk update && apk add build-base # and any other packages you need 
+
+# Only rebuild gem bundle if Gemfile changes
+COPY Gemfile Gemfile.lock ./
+RUN bundle install
+
+# Copy over the rest of the files
+COPY . .
+
+# Open up port and start the service
+EXPOSE 9292
+CMD bundle exec rackup -o 0.0.0.0
+```
+
+A sample `deployment.yaml`:
+```
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: my-awesome-puma-app
+spec:
+  selector:
+    matchLabels:
+      app: my-awesome-puma-app
+  template:
+    metadata:
+      labels:
+        app: my-awesome-puma-app
+        service: my-awesome-puma-app
+    spec:
+      containers:
+      - name: my-awesome-puma-app
+        image: <your image here>
+        ports:
+        - containerPort: 9292
+``` 
+
+## Graceful shutdown and pod termination
+
+For some high-throughput systems, it is possible that some HTTP requests will return responses with response codes in the 5XX range during a rolling deploy to a new version. This is caused by [the way that Kubernetes terminates a pod during rolling deploys](https://cloud.google.com/blog/products/gcp/kubernetes-best-practices-terminating-with-grace):
+
+1. The replication controller determines a pod should be shut down.
+2. The Pod is set to the “Terminating” State and removed from the endpoints list of all Services, so that it receives no more requests.
+3. The pods pre-stop hook get called. The default for this is to send `SIGTERM` to the process inside the pod.
+4. The pod has up to `terminationGracePeriodSeconds` (default: 30 seconds) to gracefully shut down. Puma will do this (after it receives SIGTERM) by closing down the socket that accepts new requests and finishing any requests already running before exiting the Puma process.
+5. If the pod is still running after `terminationGracePeriodSeconds` has elapsed, the pod receives `SIGKILL` to make sure the process inside it stops. After that, the container exits and all other Kubernetes objects associated with it are cleaned up.
+
+There is a subtle race condition between step 2 and 3: The replication controller does not synchronously remove the pod from the Services AND THEN call the pre-stop hook of the pod, but rather it asynchronously sends "remove this pod from your endpoints" requests to the Services and then immediately proceeds to invoke the pods' pre-stop hook. If the Service controller (typically something like nginx or haproxy) receives this request handles this request "too" late (due to internal lag or network latency between the replication and Service controllers) then it is possible that the Service controller will send one or more requests to a Puma process which has already shut down its listening socket. These requests will then fail with 5XX error codes.
+
+The way Kubernetes works this way, rather than handling step 2 synchronously, is due to the CAP theorem: in a distributed system there is no way to guarantee that any message will arrive promptly. In particular, waiting for all Service controllers to report back might get stuck for an indefinite time if one of them has already been terminated or if there has been a net split. A way to work around this is to add a sleep to the pre-stop hook of the same time as the `terminationGracePeriodSeconds` time. This will allow the Puma process to keep serving new requests during the entire grace period, although it will no longer receive new requests after all Service controllers have propagated the removal of the pod from their endpoint lists. Then, after `terminationGracePeriodSeconds`, the pod receives `SIGKILL` and closes down. If your process can't handle SIGKILL properly, for example because it needs to release locks in different services, you can also sleep for a shorter period (and/or increase `terminationGracePeriodSeconds`) as long as the time slept is longer than the time that your Service controllers take to propagate the pod removal. The downside of this workaround is that all pods will take at minimum the amount of time slept to shut down and this will increase the time required for your rolling deploy.
+
+More discussions and links to relevant articles can be found in https://github.com/puma/puma/issues/2343.

data/docs/plugins.md

@@ -8,7 +8,7 @@ operations.
 * [tmp\_restart](https://github.com/puma/puma/blob/master/lib/puma/plugin/tmp_restart.rb):
   Restarts the server if the file `tmp/restart.txt` is touched
 * [heroku](https://github.com/puma/puma-heroku/blob/master/lib/puma/plugin/heroku.rb):
-  Packages up the default configuration used by puma on Heroku
+  Packages up the default configuration used by puma on Heroku (being sunset with the release of Puma 5.0)
 
 Plugins are activated in a puma configuration file (such as `config/puma.rb'`)
 by adding `plugin "name"`, such as `plugin "heroku"`.
@@ -34,5 +34,5 @@ functionality to augment puma.
 `config` runs when the server is being configured and is passed a `Puma::DSL`
 object that can be used to add additional configuration.
 
-Any public methods in `Puma::Plugin` are the public API that any plugin may
+Any public methods in [`Puma::Plugin`](../lib/puma/plugin.rb) are the public API that any plugin may
 use.