puma 5.2.0 → 5.4.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puma might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/History.md +123 -0
- data/README.md +1 -1
- data/docs/architecture.md +22 -18
- data/docs/deployment.md +3 -18
- data/docs/jungle/rc.d/README.md +1 -1
- data/docs/kubernetes.md +1 -1
- data/docs/plugins.md +1 -1
- data/docs/rails_dev_mode.md +29 -0
- data/docs/restart.md +1 -1
- data/docs/stats.md +1 -1
- data/docs/systemd.md +1 -1
- data/ext/puma_http11/extconf.rb +18 -1
- data/ext/puma_http11/http11_parser.h +1 -1
- data/ext/puma_http11/mini_ssl.c +16 -1
- data/lib/puma.rb +36 -10
- data/lib/puma/app/status.rb +4 -4
- data/lib/puma/binder.rb +33 -22
- data/lib/puma/client.rb +11 -9
- data/lib/puma/cluster.rb +41 -11
- data/lib/puma/cluster/worker.rb +9 -2
- data/lib/puma/cluster/worker_handle.rb +4 -0
- data/lib/puma/configuration.rb +5 -1
- data/lib/puma/const.rb +3 -3
- data/lib/puma/control_cli.rb +3 -1
- data/lib/puma/detect.rb +14 -10
- data/lib/puma/dsl.rb +30 -1
- data/lib/puma/error_logger.rb +2 -2
- data/lib/puma/{json.rb → json_serialization.rb} +1 -1
- data/lib/puma/minissl.rb +2 -2
- data/lib/puma/null_io.rb +8 -0
- data/lib/puma/plugin.rb +1 -1
- data/lib/puma/queue_close.rb +7 -7
- data/lib/puma/rack/builder.rb +1 -1
- data/lib/puma/request.rb +26 -10
- data/lib/puma/runner.rb +5 -0
- data/lib/puma/server.rb +37 -51
- data/lib/puma/thread_pool.rb +10 -7
- data/lib/puma/util.rb +1 -1
- data/lib/rack/handler/puma.rb +1 -0
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8615fe84e162e127ef524e304e0cdc330d4f66b57fcd3339c9c32883fef73011
|
4
|
+
data.tar.gz: 505bf893eb69b1e910320dcb4769fe259cfa880e764900c8d1091b6f9baa7533
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1c347073ca1dc41fb975cd0cfd19fecfa72780e11f08151caed06993b1045a0c2204911d77cbee967b332c68adc4940ad0c0f1f1b26cc105f1d3c923f3fee4f8
|
7
|
+
data.tar.gz: a67f6b4a6959b3f47deb0966e7c2a35697cc1021f77cc7598bdad080c60ef6705be39c0352da76c20bab5fd3165d1e207db8df0bad9ec4633dd5bbefdee3b39e
|
data/History.md
CHANGED
@@ -1,3 +1,72 @@
|
|
1
|
+
## 5.4.0 / 2021-07-28
|
2
|
+
|
3
|
+
* Features
|
4
|
+
* Better/expanded names for threadpool threads ([#2657])
|
5
|
+
* Allow pkg_config for OpenSSL ([#2648], [#1412])
|
6
|
+
* Add `rack_url_scheme` to Puma::DSL, allows setting of `rack.url_scheme` header ([#2586], [#2569])
|
7
|
+
|
8
|
+
* Bugfixes
|
9
|
+
* `Binder#parse` - allow for symlinked unix path, add create_activated_fds debug ENV ([#2643], [#2638])
|
10
|
+
* Fix deprecation warning: minissl.c - Use Random.bytes if available ([#2642])
|
11
|
+
* Client certificates: set session id context while creating SSLContext ([#2633])
|
12
|
+
|
13
|
+
* Refactor
|
14
|
+
* Replace `IO.select` with `IO#wait_*` when checking a single IO ([#2666])
|
15
|
+
|
16
|
+
## 5.3.2 / 2021-05-21
|
17
|
+
|
18
|
+
* Bugfixes
|
19
|
+
* Gracefully handle Rack not accepting CLI options ([#2630], [#2626])
|
20
|
+
* Fix sigterm misbehavior ([#2629])
|
21
|
+
* Improvements to keepalive-connection shedding ([#2628])
|
22
|
+
|
23
|
+
## 5.3.1 / 2021-05-11
|
24
|
+
|
25
|
+
* Security
|
26
|
+
* Close keepalive connections after the maximum number of fast inlined requests (CVE-2021-29509) ([#2625])
|
27
|
+
|
28
|
+
## 5.3.0 / 2021-05-07
|
29
|
+
|
30
|
+
* Features
|
31
|
+
* Add support for Linux's abstract sockets ([#2564], [#2526])
|
32
|
+
* Add debug to worker timeout and startup ([#2559], [#2528])
|
33
|
+
* Print warning when running one-worker cluster ([#2565], [#2534])
|
34
|
+
* Don't close systemd activated socket on pumactl restart ([#2563], [#2504])
|
35
|
+
|
36
|
+
* Bugfixes
|
37
|
+
* systemd - fix event firing ([#2591], [#2572])
|
38
|
+
* Immediately unlink temporary files ([#2613])
|
39
|
+
* Improve parsing of HTTP_HOST header ([#2605], [#2584])
|
40
|
+
* Handle fatal error that has no backtrace ([#2607], [#2552])
|
41
|
+
* Fix timing out requests too early ([#2606], [#2574])
|
42
|
+
* Handle segfault in Ruby 2.6.6 on thread-locals ([#2567], [#2566])
|
43
|
+
* Server#closed_socket? - parameter may be a MiniSSL::Socket ([#2596])
|
44
|
+
* Define UNPACK_TCP_STATE_FROM_TCP_INFO in the right place ([#2588], [#2556])
|
45
|
+
* request.rb - fix chunked assembly for ascii incompatible encodings, add test ([#2585], [#2583])
|
46
|
+
|
47
|
+
* Performance
|
48
|
+
* Reset peerip only if remote_addr_header is set ([#2609])
|
49
|
+
* Reduce puma_parser struct size ([#2590])
|
50
|
+
|
51
|
+
* Refactor
|
52
|
+
* Refactor drain on shutdown ([#2600])
|
53
|
+
* Micro optimisations in `wait_for_less_busy_worker` feature ([#2579])
|
54
|
+
* Lots of test fixes
|
55
|
+
|
56
|
+
## 5.2.2 / 2021-02-22
|
57
|
+
|
58
|
+
* Bugfixes
|
59
|
+
* Add `#flush` and `#sync` methods to `Puma::NullIO` ([#2553])
|
60
|
+
* Restore `sync=true` on `STDOUT` and `STDERR` streams ([#2557])
|
61
|
+
|
62
|
+
## 5.2.1 / 2021-02-05
|
63
|
+
|
64
|
+
* Bugfixes
|
65
|
+
* Fix TCP cork/uncork operations to work with ssl clients ([#2550])
|
66
|
+
* Require rack/common_logger explicitly if :verbose is true ([#2547])
|
67
|
+
* MiniSSL::Socket#write - use data.byteslice(wrote..-1) ([#2543])
|
68
|
+
* Set `@env[CONTENT_LENGTH]` value as string. ([#2549])
|
69
|
+
|
1
70
|
## 5.2.0 / 2021-01-27
|
2
71
|
|
3
72
|
* Features
|
@@ -166,6 +235,11 @@
|
|
166
235
|
* Support parallel tests in verbose progress reporting ([#2223])
|
167
236
|
* Refactor error handling in server accept loop ([#2239])
|
168
237
|
|
238
|
+
## 4.3.8 / 2021-05-11
|
239
|
+
|
240
|
+
* Security
|
241
|
+
* Close keepalive connections after the maximum number of fast inlined requests (CVE-2021-29509) ([#2625])
|
242
|
+
|
169
243
|
## 4.3.7 / 2020-11-30
|
170
244
|
|
171
245
|
* Bugfixes
|
@@ -1694,6 +1768,55 @@ be added back in a future date when a java Puma::MiniSSL is added.
|
|
1694
1768
|
* Bugfixes
|
1695
1769
|
* Your bugfix goes here <Most recent on the top, like GitHub> (#Github Number)
|
1696
1770
|
|
1771
|
+
[#2657]:https://github.com/puma/puma/pull/2657 "PR by @olivierbellone, merged 2021-07-13"
|
1772
|
+
[#2648]:https://github.com/puma/puma/pull/2648 "PR by @MSP-Greg, merged 2021-06-27"
|
1773
|
+
[#1412]:https://github.com/puma/puma/issues/1412 "Issue by @x-yuri, closed 2021-06-27"
|
1774
|
+
[#2586]:https://github.com/puma/puma/pull/2586 "PR by @MSP-Greg, merged 2021-05-26"
|
1775
|
+
[#2569]:https://github.com/puma/puma/issues/2569 "Issue by @tarragon, closed 2021-05-26"
|
1776
|
+
[#2643]:https://github.com/puma/puma/pull/2643 "PR by @MSP-Greg, merged 2021-06-27"
|
1777
|
+
[#2638]:https://github.com/puma/puma/issues/2638 "Issue by @gingerlime, closed 2021-06-27"
|
1778
|
+
[#2642]:https://github.com/puma/puma/pull/2642 "PR by @MSP-Greg, merged 2021-06-16"
|
1779
|
+
[#2633]:https://github.com/puma/puma/pull/2633 "PR by @onlined, merged 2021-06-04"
|
1780
|
+
[#2666]:https://github.com/puma/puma/pull/2666 "PR by @MSP-Greg, merged 2021-07-25"
|
1781
|
+
[#2630]:https://github.com/puma/puma/pull/2630 "PR by @seangoedecke, merged 2021-05-20"
|
1782
|
+
[#2626]:https://github.com/puma/puma/issues/2626 "Issue by @rorymckinley, closed 2021-05-20"
|
1783
|
+
[#2629]:https://github.com/puma/puma/pull/2629 "PR by @ye-lin-aung, merged 2021-05-20"
|
1784
|
+
[#2628]:https://github.com/puma/puma/pull/2628 "PR by @wjordan, merged 2021-05-20"
|
1785
|
+
[#2625]:https://github.com/puma/puma/issues/2625 "Issue by @jarthod, closed 2021-05-11"
|
1786
|
+
[#2564]:https://github.com/puma/puma/pull/2564 "PR by @MSP-Greg, merged 2021-04-24"
|
1787
|
+
[#2526]:https://github.com/puma/puma/issues/2526 "Issue by @nerdrew, closed 2021-04-24"
|
1788
|
+
[#2559]:https://github.com/puma/puma/pull/2559 "PR by @ylecuyer, merged 2021-03-11"
|
1789
|
+
[#2528]:https://github.com/puma/puma/issues/2528 "Issue by @cjlarose, closed 2021-03-11"
|
1790
|
+
[#2565]:https://github.com/puma/puma/pull/2565 "PR by @CGA1123, merged 2021-03-09"
|
1791
|
+
[#2534]:https://github.com/puma/puma/issues/2534 "Issue by @nateberkopec, closed 2021-03-09"
|
1792
|
+
[#2563]:https://github.com/puma/puma/pull/2563 "PR by @MSP-Greg, merged 2021-03-06"
|
1793
|
+
[#2504]:https://github.com/puma/puma/issues/2504 "Issue by @fsateler, closed 2021-03-06"
|
1794
|
+
[#2591]:https://github.com/puma/puma/pull/2591 "PR by @MSP-Greg, merged 2021-05-05"
|
1795
|
+
[#2572]:https://github.com/puma/puma/issues/2572 "Issue by @josefbilendo, closed 2021-05-05"
|
1796
|
+
[#2613]:https://github.com/puma/puma/pull/2613 "PR by @smcgivern, merged 2021-04-27"
|
1797
|
+
[#2605]:https://github.com/puma/puma/pull/2605 "PR by @pascalbetz, merged 2021-04-26"
|
1798
|
+
[#2584]:https://github.com/puma/puma/issues/2584 "Issue by @kaorihinata, closed 2021-04-26"
|
1799
|
+
[#2607]:https://github.com/puma/puma/pull/2607 "PR by @calvinxiao, merged 2021-04-23"
|
1800
|
+
[#2552]:https://github.com/puma/puma/issues/2552 "Issue by @feliperaul, closed 2021-05-24"
|
1801
|
+
[#2606]:https://github.com/puma/puma/pull/2606 "PR by @wjordan, merged 2021-04-20"
|
1802
|
+
[#2574]:https://github.com/puma/puma/issues/2574 "Issue by @darkhelmet, closed 2021-04-20"
|
1803
|
+
[#2567]:https://github.com/puma/puma/pull/2567 "PR by @kddeisz, merged 2021-04-19"
|
1804
|
+
[#2566]:https://github.com/puma/puma/issues/2566 "Issue by @kddeisz, closed 2021-04-19"
|
1805
|
+
[#2596]:https://github.com/puma/puma/pull/2596 "PR by @MSP-Greg, merged 2021-04-18"
|
1806
|
+
[#2588]:https://github.com/puma/puma/pull/2588 "PR by @dentarg, merged 2021-04-02"
|
1807
|
+
[#2556]:https://github.com/puma/puma/issues/2556 "Issue by @gamecreature, closed 2021-04-02"
|
1808
|
+
[#2585]:https://github.com/puma/puma/pull/2585 "PR by @MSP-Greg, merged 2021-03-26"
|
1809
|
+
[#2583]:https://github.com/puma/puma/issues/2583 "Issue by @jboler, closed 2021-03-26"
|
1810
|
+
[#2609]:https://github.com/puma/puma/pull/2609 "PR by @calvinxiao, merged 2021-04-26"
|
1811
|
+
[#2590]:https://github.com/puma/puma/pull/2590 "PR by @calvinxiao, merged 2021-04-05"
|
1812
|
+
[#2600]:https://github.com/puma/puma/pull/2600 "PR by @wjordan, merged 2021-04-30"
|
1813
|
+
[#2579]:https://github.com/puma/puma/pull/2579 "PR by @ghiculescu, merged 2021-03-17"
|
1814
|
+
[#2553]:https://github.com/puma/puma/pull/2553 "PR by @olivierbellone, merged 2021-02-10"
|
1815
|
+
[#2557]:https://github.com/puma/puma/pull/2557 "PR by @cjlarose, merged 2021-02-22"
|
1816
|
+
[#2550]:https://github.com/puma/puma/pull/2550 "PR by @MSP-Greg, merged 2021-02-05"
|
1817
|
+
[#2547]:https://github.com/puma/puma/pull/2547 "PR by @wildmaples, merged 2021-02-03"
|
1818
|
+
[#2543]:https://github.com/puma/puma/pull/2543 "PR by @MSP-Greg, merged 2021-02-01"
|
1819
|
+
[#2549]:https://github.com/puma/puma/pull/2549 "PR by @nmb, merged 2021-02-04"
|
1697
1820
|
[#2519]:https://github.com/puma/puma/pull/2519 "PR by @MSP-Greg, merged 2021-01-26"
|
1698
1821
|
[#2522]:https://github.com/puma/puma/pull/2522 "PR by @jcmfernandes, merged 2021-01-12"
|
1699
1822
|
[#2490]:https://github.com/puma/puma/pull/2490 "PR by @Bonias, merged 2020-12-07"
|
data/README.md
CHANGED
@@ -16,7 +16,7 @@ Puma is a **simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server
|
|
16
16
|
|
17
17
|
Puma processes requests using a C-optimized Ragel extension (inherited from Mongrel) that provides fast, accurate HTTP 1.1 protocol parsing in a portable way. Puma then serves the request using a thread pool. Each request is served in a separate thread, so truly concurrent Ruby implementations (JRuby, Rubinius) will use all available CPU cores.
|
18
18
|
|
19
|
-
|
19
|
+
Originally designed as a server for [Rubinius](https://github.com/rubinius/rubinius), Puma also works well with Ruby (MRI) and JRuby.
|
20
20
|
|
21
21
|
On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel.
|
22
22
|
|
data/docs/architecture.md
CHANGED
@@ -4,34 +4,38 @@
|
|
4
4
|
|
5
5
|
![https://bit.ly/2iJuFky](images/puma-general-arch.png)
|
6
6
|
|
7
|
-
Puma is a threaded
|
7
|
+
Puma is a threaded Ruby HTTP application server, processing requests across a TCP or UNIX socket.
|
8
8
|
|
9
|
-
Workers accept connections from the socket and a thread in the worker's thread pool processes the client's request.
|
10
9
|
|
11
|
-
|
10
|
+
Puma processes (there can be one or many) accept connections from the socket via a thread (in the [`Reactor`](../lib/puma/reactor.rb) class). The connection, once fully buffered and read, moves in to the `todo` list, where it will be picked up by a free/waiting thread in the threadpool (the [`ThreadPool`](../lib/puma/thread_pool.rb) class).
|
12
11
|
|
13
|
-
|
12
|
+
Puma works in two main modes: cluster and single. In single mode, only one Puma process is booted. In cluster mode, a `master` process is booted, which prepares (and may boot) the application, and then uses the `fork()` system call to create 1 or more `child` processes. These `child` processes all listen to the same socket. The `master` process does not listen to the socket or process requests - its purpose is mostly to manage and listen for UNIX signals and possibly kill or boot `child` processes.
|
13
|
+
|
14
|
+
We sometimes call `child` processes (or Puma processes in `single` mode) _workers_, and we sometimes call the threads created by Puma's [`ThreadPool`](../lib/puma/thread_pool.rb) _worker threads_.
|
15
|
+
|
16
|
+
## How Requests Work
|
14
17
|
|
15
18
|
![https://bit.ly/2zwzhEK](images/puma-connection-flow.png)
|
16
19
|
|
17
20
|
* Upon startup, Puma listens on a TCP or UNIX socket.
|
18
|
-
* The backlog of this socket is configured (with a default of 1024)
|
19
|
-
* This socket backlog is distinct from the
|
20
|
-
* By default, a single, separate thread is used to
|
21
|
-
* When at least one worker thread is available for work,
|
22
|
-
*
|
23
|
-
* The time spent waiting for the HTTP request body to be received is exposed to the Rack app as `env['puma.request_body_wait']` (milliseconds)
|
24
|
-
* Once received, the connection is pushed into the "todo" set
|
25
|
-
* Worker threads pop work off the "todo" set for processing
|
26
|
-
* The thread processes the request via the
|
27
|
-
* The thread writes the response to the connection
|
28
|
-
*
|
29
|
-
|
30
|
-
###
|
21
|
+
* The backlog of this socket is configured (with a default of 1024). This determines the size of the queue for unaccepted connections. Generally, this setting is unimportant and will never be hit in production use. If the backlog is full, the connection will be refused by the operating system.
|
22
|
+
* This socket backlog is distinct from the `backlog` of work as reported by `Puma.stats` or the control server. The backlog as reported by Puma is the number of connections in the process' `todo` set waiting for a thread from the [`ThreadPool`](../lib/puma/thread_pool.rb).
|
23
|
+
* By default, a single, separate thread (created by the [`Reactor`](../lib/puma/reactor.rb) class) is used to read and buffer requests from the socket.
|
24
|
+
* When at least one worker thread is available for work, the reactor thread listens to the socket and accepts a request, if one is waiting.
|
25
|
+
* The reactor thread waits for the entire HTTP request to be received.
|
26
|
+
* The time spent waiting for the HTTP request body to be received is exposed to the Rack app as `env['puma.request_body_wait']` (milliseconds).
|
27
|
+
* Once fully buffered and received, the connection is pushed into the "todo" set.
|
28
|
+
* Worker threads pop work off the "todo" set for processing.
|
29
|
+
* The worker thread processes the request via `call`ing the configured Rack application. The Rack application generates the HTTP response.
|
30
|
+
* The worker thread writes the response to the connection. Note that while Puma buffers requests via a separate thread, it does not use a separate thread for responses.
|
31
|
+
* Once done, the thread become available to process another connection in the "todo" set.
|
32
|
+
|
33
|
+
### `queue_requests`
|
31
34
|
|
32
35
|
![https://bit.ly/2zxCJ1Z](images/puma-connection-flow-no-reactor.png)
|
33
36
|
|
34
|
-
The `queue_requests` option is `true` by default, enabling the separate thread used to buffer requests as described above.
|
37
|
+
The `queue_requests` option is `true` by default, enabling the separate reactor thread used to buffer requests as described above.
|
35
38
|
|
36
39
|
If set to `false`, this buffer will not be used for connections while waiting for the request to arrive.
|
40
|
+
|
37
41
|
In this mode, when a connection is accepted, it is added to the "todo" queue immediately, and a worker will synchronously do any waiting necessary to read the HTTP request from the socket.
|
data/docs/deployment.md
CHANGED
@@ -16,7 +16,7 @@ Welcome back!
|
|
16
16
|
|
17
17
|
## Single vs Cluster mode
|
18
18
|
|
19
|
-
Puma was originally conceived as a thread-only
|
19
|
+
Puma was originally conceived as a thread-only web server, but grew the ability to
|
20
20
|
also use processes in version 2.
|
21
21
|
|
22
22
|
To run `puma` in single mode (e.g. for a development environment) you will need to
|
@@ -97,20 +97,5 @@ and use `runit` or hell, even `monit`.
|
|
97
97
|
## Restarting
|
98
98
|
|
99
99
|
You probably will want to deploy some new code at some point, and you'd like
|
100
|
-
puma to start running that new code.
|
101
|
-
|
102
|
-
|
103
|
-
1. Don't use `preload!`. This dirties the master process and means it will have
|
104
|
-
to shutdown all the workers and re-exec itself to get your new code. It is not compatible with phased-restart and `prune_bundler` as well.
|
105
|
-
|
106
|
-
1. Use `prune_bundler`. This makes it so that the cluster master will detach itself
|
107
|
-
from a Bundler context on start. This allows the cluster workers to load your app
|
108
|
-
and start a brand new Bundler context within the worker only. This means your
|
109
|
-
master remains pristine and can live on between new releases of your code.
|
110
|
-
|
111
|
-
1. Use phased-restart (`SIGUSR1` or `pumactl phased-restart`). This tells the master
|
112
|
-
to kill off one worker at a time and restart them in your new code. This minimizes
|
113
|
-
downtime and staggers the restart nicely. **WARNING** This means that both your
|
114
|
-
old code and your new code will be running concurrently. Most deployment solutions
|
115
|
-
already cause that, but it's worth warning you about it again. Be careful with your
|
116
|
-
migrations, etc!
|
100
|
+
puma to start running that new code. There are a few options for restarting
|
101
|
+
puma, described separately in our [restart documentation](restart.md).
|
data/docs/jungle/rc.d/README.md
CHANGED
data/docs/kubernetes.md
CHANGED
@@ -61,6 +61,6 @@ For some high-throughput systems, it is possible that some HTTP requests will re
|
|
61
61
|
|
62
62
|
There is a subtle race condition between step 2 and 3: The replication controller does not synchronously remove the pod from the Services AND THEN call the pre-stop hook of the pod, but rather it asynchronously sends "remove this pod from your endpoints" requests to the Services and then immediately proceeds to invoke the pods' pre-stop hook. If the Service controller (typically something like nginx or haproxy) receives this request handles this request "too" late (due to internal lag or network latency between the replication and Service controllers) then it is possible that the Service controller will send one or more requests to a Puma process which has already shut down its listening socket. These requests will then fail with 5XX error codes.
|
63
63
|
|
64
|
-
The way Kubernetes works this way, rather than handling step 2 synchronously, is due to the CAP theorem: in a distributed system there is no way to
|
64
|
+
The way Kubernetes works this way, rather than handling step 2 synchronously, is due to the CAP theorem: in a distributed system there is no way to guarantee that any message will arrive promptly. In particular, waiting for all Service controllers to report back might get stuck for an indefinite time if one of them has already been terminated or if there has been a net split. A way to work around this is to add a sleep to the pre-stop hook of the same time as the `terminationGracePeriodSeconds` time. This will allow the Puma process to keep serving new requests during the entire grace period, although it will no longer receive new requests after all Service controllers have propagated the removal of the pod from their endpoint lists. Then, after `terminationGracePeriodSeconds`, the pod receives `SIGKILL` and closes down. If your process can't handle SIGKILL properly, for example because it needs to release locks in different services, you can also sleep for a shorter period (and/or increase `terminationGracePeriodSeconds`) as long as the time slept is longer than the time that your Service controllers take to propagate the pod removal. The downside of this workaround is that all pods will take at minimum the amount of time slept to shut down and this will increase the time required for your rolling deploy.
|
65
65
|
|
66
66
|
More discussions and links to relevant articles can be found in https://github.com/puma/puma/issues/2343.
|
data/docs/plugins.md
CHANGED
@@ -34,5 +34,5 @@ functionality to augment puma.
|
|
34
34
|
`config` runs when the server is being configured and is passed a `Puma::DSL`
|
35
35
|
object that can be used to add additional configuration.
|
36
36
|
|
37
|
-
Any public methods in `Puma::Plugin` are the public API that any plugin may
|
37
|
+
Any public methods in [`Puma::Plugin`](../lib/puma/plugin.rb) are the public API that any plugin may
|
38
38
|
use.
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# Running Puma in Rails Development Mode
|
2
|
+
|
3
|
+
## "Loopback requests"
|
4
|
+
|
5
|
+
Be cautious of "loopback requests", where a Rails application executes a request to a server that in turn, results in another request back to the same Rails application before the first request is completed. Having a loopback request will trigger [Rails' load interlock](https://guides.rubyonrails.org/threading_and_code_execution.html#load-interlock) mechanism. The load interlock mechanism prevents a thread from using Rails autoloading mechanism to load constants while the application code is still running inside another thread.
|
6
|
+
|
7
|
+
This issue only occurs in the development environment as Rails' load interlock is not used in production environments. Although we're not sure, we believe this issue may not occur with the new `zeitwerk` code loader.
|
8
|
+
|
9
|
+
### Solutions
|
10
|
+
|
11
|
+
|
12
|
+
#### 1. Bypass Rails' load interlock with `.permit_concurrent_loads`
|
13
|
+
|
14
|
+
Wrap the first request inside a block that will allow concurrent loads, [`ActiveSupport::Dependencies.interlock.permit_concurrent_loads`](https://guides.rubyonrails.org/threading_and_code_execution.html#permit-concurrent-loads). Anything wrapped inside the `.permit_concurrent_loads` block will bypass the load interlock mechanism, allowing new threads to access the Rails environment and boot properly.
|
15
|
+
|
16
|
+
###### Example
|
17
|
+
|
18
|
+
```ruby
|
19
|
+
response = ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
|
20
|
+
# Your HTTP request code here. For example:
|
21
|
+
Faraday.post url, data: 'foo'
|
22
|
+
end
|
23
|
+
|
24
|
+
do_something_with response
|
25
|
+
```
|
26
|
+
|
27
|
+
#### 2. Use multiple processes on Puma
|
28
|
+
|
29
|
+
Alternatively, you may also enable multiple (single-threaded) workers on Puma. By doing so, you are sidestepping the problem by creating multiple processes rather than new threads. However, this workaround is not ideal because debugging tools such as [byebug](https://github.com/deivid-rodriguez/byebug/issues/487) and [pry](https://github.com/pry/pry/issues/2153), work poorly with any multi-process web server.
|
data/docs/restart.md
CHANGED
@@ -45,7 +45,7 @@ Any of the following will cause a Puma server to perform a phased restart:
|
|
45
45
|
### Supported configurations
|
46
46
|
|
47
47
|
* Works in cluster mode only
|
48
|
-
* To support upgrading the application that Puma is serving, ensure `prune_bundler` is enabled and that `preload_app
|
48
|
+
* To support upgrading the application that Puma is serving, ensure `prune_bundler` is enabled and that `preload_app!` is disabled
|
49
49
|
* Supported on all platforms where cluster mode is supported
|
50
50
|
|
51
51
|
### Client experience
|
data/docs/stats.md
CHANGED
@@ -53,7 +53,7 @@ end
|
|
53
53
|
|
54
54
|
### single mode and individual workers in cluster mode
|
55
55
|
|
56
|
-
When Puma is run in single mode, these stats
|
56
|
+
When Puma is run in single mode, these stats are available at the top level. When Puma is run in cluster mode, these stats are available within the `worker_status` array in a hash labeled `last_status`, in an array of hashes, one hash for each worker.
|
57
57
|
|
58
58
|
* backlog: requests that are waiting for an available thread to be available. if this is above 0, you need more capacity [always true?]
|
59
59
|
* running: how many threads are running
|
data/docs/systemd.md
CHANGED
@@ -8,7 +8,7 @@ useful features for running Puma in production.
|
|
8
8
|
## Service Configuration
|
9
9
|
|
10
10
|
Below is a sample puma.service configuration file for systemd, which
|
11
|
-
can be copied or symlinked to
|
11
|
+
can be copied or symlinked to `/etc/systemd/system/puma.service`, or if
|
12
12
|
desired, using an application or instance specific name.
|
13
13
|
|
14
14
|
Note that this uses the systemd preferred "simple" type where the
|
data/ext/puma_http11/extconf.rb
CHANGED
@@ -11,9 +11,18 @@ end
|
|
11
11
|
unless ENV["DISABLE_SSL"]
|
12
12
|
dir_config("openssl")
|
13
13
|
|
14
|
-
|
14
|
+
found_ssl = if pkg_config 'openssl'
|
15
|
+
puts 'using OpenSSL pkgconfig (openssl.pc)'
|
16
|
+
true
|
17
|
+
elsif %w'crypto libeay32'.find {|crypto| have_library(crypto, 'BIO_read')} &&
|
15
18
|
%w'ssl ssleay32'.find {|ssl| have_library(ssl, 'SSL_CTX_new')}
|
19
|
+
true
|
20
|
+
else
|
21
|
+
puts '** Puma will be compiled without SSL support'
|
22
|
+
false
|
23
|
+
end
|
16
24
|
|
25
|
+
if found_ssl
|
17
26
|
have_header "openssl/bio.h"
|
18
27
|
|
19
28
|
# below is yes for 1.0.2 & later
|
@@ -25,6 +34,14 @@ unless ENV["DISABLE_SSL"]
|
|
25
34
|
|
26
35
|
have_func "X509_STORE_up_ref"
|
27
36
|
have_func("SSL_CTX_set_ecdh_auto(NULL, 0)", "openssl/ssl.h")
|
37
|
+
|
38
|
+
# Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0
|
39
|
+
if Random.respond_to?(:bytes)
|
40
|
+
$defs.push("-DHAVE_RANDOM_BYTES")
|
41
|
+
puts "checking for Random.bytes... yes"
|
42
|
+
else
|
43
|
+
puts "checking for Random.bytes... no"
|
44
|
+
end
|
28
45
|
end
|
29
46
|
end
|
30
47
|
|
data/ext/puma_http11/mini_ssl.c
CHANGED
@@ -208,7 +208,7 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
|
|
208
208
|
#endif
|
209
209
|
int ssl_options;
|
210
210
|
VALUE key, cert, ca, verify_mode, ssl_cipher_filter, no_tlsv1, no_tlsv1_1,
|
211
|
-
verification_flags;
|
211
|
+
verification_flags, session_id_bytes;
|
212
212
|
DH *dh;
|
213
213
|
|
214
214
|
#if OPENSSL_VERSION_NUMBER < 0x10002000L
|
@@ -309,6 +309,21 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
|
|
309
309
|
} else {
|
310
310
|
SSL_CTX_set_verify(ctx, NUM2INT(verify_mode), engine_verify_callback);
|
311
311
|
}
|
312
|
+
|
313
|
+
// Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0
|
314
|
+
session_id_bytes = rb_funcall(
|
315
|
+
#ifdef HAVE_RANDOM_BYTES
|
316
|
+
rb_cRandom,
|
317
|
+
#else
|
318
|
+
rb_const_get(rb_cRandom, rb_intern_const("DEFAULT")),
|
319
|
+
#endif
|
320
|
+
rb_intern_const("bytes"),
|
321
|
+
1, ULL2NUM(SSL_MAX_SSL_SESSION_ID_LENGTH));
|
322
|
+
|
323
|
+
SSL_CTX_set_session_id_context(ctx,
|
324
|
+
(unsigned char *) RSTRING_PTR(session_id_bytes),
|
325
|
+
SSL_MAX_SSL_SESSION_ID_LENGTH);
|
326
|
+
|
312
327
|
// printf("\ninitialize end security_level %d\n", SSL_CTX_get_security_level(ctx));
|
313
328
|
rb_obj_freeze(self);
|
314
329
|
return self;
|
data/lib/puma.rb
CHANGED
@@ -12,13 +12,47 @@ require 'thread'
|
|
12
12
|
|
13
13
|
require 'puma/puma_http11'
|
14
14
|
require 'puma/detect'
|
15
|
-
require 'puma/
|
15
|
+
require 'puma/json_serialization'
|
16
16
|
|
17
17
|
module Puma
|
18
18
|
autoload :Const, 'puma/const'
|
19
19
|
autoload :Server, 'puma/server'
|
20
20
|
autoload :Launcher, 'puma/launcher'
|
21
21
|
|
22
|
+
# at present, MiniSSL::Engine is only defined in extension code (puma_http11),
|
23
|
+
# not in minissl.rb
|
24
|
+
HAS_SSL = const_defined?(:MiniSSL, false) && MiniSSL.const_defined?(:Engine, false)
|
25
|
+
|
26
|
+
HAS_UNIX_SOCKET = Object.const_defined? :UNIXSocket
|
27
|
+
|
28
|
+
if HAS_SSL
|
29
|
+
require 'puma/minissl'
|
30
|
+
else
|
31
|
+
module MiniSSL
|
32
|
+
# this class is defined so that it exists when Puma is compiled
|
33
|
+
# without ssl support, as Server and Reactor use it in rescue statements.
|
34
|
+
class SSLError < StandardError ; end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.ssl?
|
39
|
+
HAS_SSL
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.abstract_unix_socket?
|
43
|
+
@abstract_unix ||=
|
44
|
+
if HAS_UNIX_SOCKET
|
45
|
+
begin
|
46
|
+
::UNIXServer.new("\0puma.temp.unix").close
|
47
|
+
true
|
48
|
+
rescue ArgumentError # darwin
|
49
|
+
false
|
50
|
+
end
|
51
|
+
else
|
52
|
+
false
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
22
56
|
# @!attribute [rw] stats_object=
|
23
57
|
def self.stats_object=(val)
|
24
58
|
@get_stats = val
|
@@ -26,7 +60,7 @@ module Puma
|
|
26
60
|
|
27
61
|
# @!attribute [rw] stats_object
|
28
62
|
def self.stats
|
29
|
-
Puma::
|
63
|
+
Puma::JSONSerialization.generate @get_stats.stats
|
30
64
|
end
|
31
65
|
|
32
66
|
# @!attribute [r] stats_hash
|
@@ -40,12 +74,4 @@ module Puma
|
|
40
74
|
return unless Thread.current.respond_to?(:name=)
|
41
75
|
Thread.current.name = "puma #{name}"
|
42
76
|
end
|
43
|
-
|
44
|
-
unless HAS_SSL
|
45
|
-
module MiniSSL
|
46
|
-
# this class is defined so that it exists when Puma is compiled
|
47
|
-
# without ssl support, as Server and Reactor use it in rescue statements.
|
48
|
-
class SSLError < StandardError ; end
|
49
|
-
end
|
50
|
-
end
|
51
77
|
end
|