unicorn 4.8.3 → 6.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.document +0 -1
- data/.gitattributes +5 -0
- data/.gitignore +2 -2
- data/.manifest +15 -19
- data/.olddoc.yml +25 -0
- data/Application_Timeouts +7 -7
- data/CONTRIBUTORS +6 -2
- data/DESIGN +2 -4
- data/Documentation/.gitignore +1 -3
- data/Documentation/unicorn.1 +222 -0
- data/Documentation/unicorn_rails.1 +207 -0
- data/FAQ +23 -6
- data/GIT-VERSION-FILE +1 -1
- data/GIT-VERSION-GEN +1 -1
- data/GNUmakefile +138 -92
- data/HACKING +5 -30
- data/ISSUES +73 -36
- data/KNOWN_ISSUES +18 -18
- data/LATEST +16 -22
- data/LICENSE +2 -2
- data/Links +24 -22
- data/NEWS +771 -0
- data/PHILOSOPHY +0 -6
- data/README +48 -42
- data/Rakefile +0 -44
- data/SIGNALS +2 -2
- data/Sandbox +11 -10
- data/TODO +0 -2
- data/TUNING +30 -9
- data/archive/slrnpull.conf +1 -1
- data/bin/unicorn +4 -2
- data/bin/unicorn_rails +3 -3
- data/examples/big_app_gc.rb +1 -1
- data/examples/init.sh +36 -8
- data/examples/logrotate.conf +17 -2
- data/examples/nginx.conf +14 -14
- data/examples/unicorn.conf.minimal.rb +2 -2
- data/examples/unicorn.conf.rb +14 -6
- data/examples/unicorn.socket +11 -0
- data/examples/unicorn@.service +40 -0
- data/ext/unicorn_http/c_util.h +5 -13
- data/ext/unicorn_http/common_field_optimization.h +22 -5
- data/ext/unicorn_http/epollexclusive.h +124 -0
- data/ext/unicorn_http/ext_help.h +0 -44
- data/ext/unicorn_http/extconf.rb +32 -5
- data/ext/unicorn_http/global_variables.h +2 -2
- data/ext/unicorn_http/httpdate.c +3 -2
- data/ext/unicorn_http/unicorn_http.c +926 -638
- data/ext/unicorn_http/unicorn_http.rl +159 -170
- data/ext/unicorn_http/unicorn_http_common.rl +1 -1
- data/lib/unicorn/configurator.rb +110 -46
- data/lib/unicorn/const.rb +2 -25
- data/lib/unicorn/http_request.rb +110 -31
- data/lib/unicorn/http_response.rb +17 -31
- data/lib/unicorn/http_server.rb +259 -179
- data/lib/unicorn/launcher.rb +1 -1
- data/lib/unicorn/oob_gc.rb +6 -6
- data/lib/unicorn/select_waiter.rb +6 -0
- data/lib/unicorn/socket_helper.rb +58 -78
- data/lib/unicorn/stream_input.rb +8 -7
- data/lib/unicorn/tee_input.rb +16 -11
- data/lib/unicorn/tmpio.rb +10 -6
- data/lib/unicorn/util.rb +5 -4
- data/lib/unicorn/version.rb +1 -1
- data/lib/unicorn/worker.rb +36 -23
- data/lib/unicorn.rb +64 -44
- data/man/man1/unicorn.1 +124 -112
- data/man/man1/unicorn_rails.1 +106 -107
- data/t/GNUmakefile +3 -76
- data/t/README +4 -4
- data/t/t0002-parser-error.sh +3 -3
- data/t/t0011-active-unix-socket.sh +1 -1
- data/t/t0012-reload-empty-config.sh +2 -1
- data/t/t0301-no-default-middleware-ignored-in-config.sh +25 -0
- data/t/t0301.ru +13 -0
- data/t/test-lib.sh +4 -3
- data/test/benchmark/README +14 -4
- data/test/benchmark/ddstream.ru +50 -0
- data/test/benchmark/readinput.ru +40 -0
- data/test/benchmark/uconnect.perl +66 -0
- data/test/exec/test_exec.rb +74 -20
- data/test/test_helper.rb +42 -33
- data/test/unit/test_ccc.rb +91 -0
- data/test/unit/test_droplet.rb +1 -1
- data/test/unit/test_http_parser.rb +49 -19
- data/test/unit/test_http_parser_ng.rb +98 -115
- data/test/unit/test_request.rb +11 -11
- data/test/unit/test_response.rb +31 -19
- data/test/unit/test_server.rb +89 -15
- data/test/unit/test_signals.rb +9 -9
- data/test/unit/test_socket_helper.rb +16 -12
- data/test/unit/test_tee_input.rb +10 -0
- data/test/unit/test_upload.rb +10 -15
- data/test/unit/test_util.rb +32 -6
- data/test/unit/test_waiter.rb +34 -0
- data/unicorn.gemspec +28 -23
- data/unicorn_1 +1 -0
- data/unicorn_rails_1 +1 -0
- metadata +37 -58
- data/.wrongdoc.yml +0 -11
- data/ChangeLog +0 -5027
- data/Documentation/GNUmakefile +0 -30
- data/Documentation/unicorn.1.txt +0 -178
- data/Documentation/unicorn_rails.1.txt +0 -175
- data/examples/git.ru +0 -13
- data/lib/unicorn/app/exec_cgi.rb +0 -154
- data/lib/unicorn/app/inetd.rb +0 -109
- data/lib/unicorn/ssl_client.rb +0 -11
- data/lib/unicorn/ssl_configurator.rb +0 -104
- data/lib/unicorn/ssl_server.rb +0 -42
- data/local.mk.sample +0 -59
- data/script/isolate_for_tests +0 -31
- data/t/hijack.ru +0 -42
- data/t/t0016-trust-x-forwarded-false.sh +0 -30
- data/t/t0017-trust-x-forwarded-true.sh +0 -30
- data/t/t0200-rack-hijack.sh +0 -27
- data/test/unit/test_http_parser_xftrust.rb +0 -38
- data/test/unit/test_sni_hostnames.rb +0 -47
data/lib/unicorn/http_server.rb
CHANGED
@@ -1,5 +1,4 @@
|
|
1
1
|
# -*- encoding: binary -*-
|
2
|
-
require "unicorn/ssl_server"
|
3
2
|
|
4
3
|
# This is the process manager of Unicorn. This manages worker
|
5
4
|
# processes which in turn handle the I/O and application process.
|
@@ -7,51 +6,30 @@ require "unicorn/ssl_server"
|
|
7
6
|
# forked worker children.
|
8
7
|
#
|
9
8
|
# Users do not need to know the internals of this class, but reading the
|
10
|
-
# {source}[
|
11
|
-
# is education for programmers wishing to learn how
|
12
|
-
# See Unicorn::Configurator for information on how to configure
|
9
|
+
# {source}[https://yhbt.net/unicorn.git/tree/lib/unicorn/http_server.rb]
|
10
|
+
# is education for programmers wishing to learn how unicorn works.
|
11
|
+
# See Unicorn::Configurator for information on how to configure unicorn.
|
13
12
|
class Unicorn::HttpServer
|
14
13
|
# :stopdoc:
|
15
|
-
attr_accessor :app, :
|
14
|
+
attr_accessor :app, :timeout, :worker_processes,
|
16
15
|
:before_fork, :after_fork, :before_exec,
|
17
16
|
:listener_opts, :preload_app,
|
18
|
-
:
|
19
|
-
:
|
17
|
+
:orig_app, :config, :ready_pipe, :user,
|
18
|
+
:default_middleware, :early_hints
|
19
|
+
attr_writer :after_worker_exit, :after_worker_ready, :worker_exec
|
20
20
|
|
21
21
|
attr_reader :pid, :logger
|
22
22
|
include Unicorn::SocketHelper
|
23
23
|
include Unicorn::HttpResponse
|
24
|
-
include Unicorn::SSLServer
|
25
|
-
|
26
|
-
# backwards compatibility with 1.x
|
27
|
-
Worker = Unicorn::Worker
|
28
24
|
|
29
25
|
# all bound listener sockets
|
26
|
+
# note: this is public used by raindrops, but not recommended for use
|
27
|
+
# in new projects
|
30
28
|
LISTENERS = []
|
31
29
|
|
32
30
|
# listeners we have yet to bind
|
33
31
|
NEW_LISTENERS = []
|
34
32
|
|
35
|
-
# This hash maps PIDs to Workers
|
36
|
-
WORKERS = {}
|
37
|
-
|
38
|
-
# We use SELF_PIPE differently in the master and worker processes:
|
39
|
-
#
|
40
|
-
# * The master process never closes or reinitializes this once
|
41
|
-
# initialized. Signal handlers in the master process will write to
|
42
|
-
# it to wake up the master from IO.select in exactly the same manner
|
43
|
-
# djb describes in http://cr.yp.to/docs/selfpipe.html
|
44
|
-
#
|
45
|
-
# * The workers immediately close the pipe they inherit. See the
|
46
|
-
# Unicorn::Worker class for the pipe workers use.
|
47
|
-
SELF_PIPE = []
|
48
|
-
|
49
|
-
# signal queue used for self-piping
|
50
|
-
SIG_QUEUE = []
|
51
|
-
|
52
|
-
# list of signals we care about and trap in master.
|
53
|
-
QUEUE_SIGS = [ :WINCH, :QUIT, :INT, :TERM, :USR1, :USR2, :HUP, :TTIN, :TTOU ]
|
54
|
-
|
55
33
|
# :startdoc:
|
56
34
|
# We populate this at startup so we can figure out how to reexecute
|
57
35
|
# and upgrade the currently running instance of Unicorn
|
@@ -60,7 +38,7 @@ class Unicorn::HttpServer
|
|
60
38
|
# or even different installations of the same applications without
|
61
39
|
# downtime. Keys of this constant Hash are described as follows:
|
62
40
|
#
|
63
|
-
# * 0 - the path to the unicorn
|
41
|
+
# * 0 - the path to the unicorn executable
|
64
42
|
# * :argv - a deep copy of the ARGV array the executable originally saw
|
65
43
|
# * :cwd - the working directory of the application, this is where
|
66
44
|
# you originally started Unicorn.
|
@@ -69,9 +47,9 @@ class Unicorn::HttpServer
|
|
69
47
|
# you can set the following in your Unicorn config file, HUP and then
|
70
48
|
# continue with the traditional USR2 + QUIT upgrade steps:
|
71
49
|
#
|
72
|
-
# Unicorn::HttpServer::START_CTX[0] = "/home/bofh/
|
50
|
+
# Unicorn::HttpServer::START_CTX[0] = "/home/bofh/2.3.0/bin/unicorn"
|
73
51
|
START_CTX = {
|
74
|
-
:argv => ARGV.map
|
52
|
+
:argv => ARGV.map(&:dup),
|
75
53
|
0 => $0.dup,
|
76
54
|
}
|
77
55
|
# We favor ENV['PWD'] since it is (usually) symlink aware for Capistrano
|
@@ -91,8 +69,8 @@ class Unicorn::HttpServer
|
|
91
69
|
# incoming requests on the socket.
|
92
70
|
def initialize(app, options = {})
|
93
71
|
@app = app
|
94
|
-
@
|
95
|
-
|
72
|
+
@reexec_pid = 0
|
73
|
+
@default_middleware = true
|
96
74
|
options = options.dup
|
97
75
|
@ready_pipe = options.delete(:ready_pipe)
|
98
76
|
@init_listeners = options[:listeners] ? options[:listeners].dup : []
|
@@ -100,6 +78,20 @@ class Unicorn::HttpServer
|
|
100
78
|
self.config = Unicorn::Configurator.new(options)
|
101
79
|
self.listener_opts = {}
|
102
80
|
|
81
|
+
# We use @self_pipe differently in the master and worker processes:
|
82
|
+
#
|
83
|
+
# * The master process never closes or reinitializes this once
|
84
|
+
# initialized. Signal handlers in the master process will write to
|
85
|
+
# it to wake up the master from IO.select in exactly the same manner
|
86
|
+
# djb describes in https://cr.yp.to/docs/selfpipe.html
|
87
|
+
#
|
88
|
+
# * The workers immediately close the pipe they inherit. See the
|
89
|
+
# Unicorn::Worker class for the pipe workers use.
|
90
|
+
@self_pipe = []
|
91
|
+
@workers = {} # hash maps PIDs to Workers
|
92
|
+
@sig_queue = [] # signal queue used for self-piping
|
93
|
+
@pid = nil
|
94
|
+
|
103
95
|
# we try inheriting listeners first, so we bind them later.
|
104
96
|
# we don't write the pid file until we've bound listeners in case
|
105
97
|
# unicorn was started twice by mistake. Even though our #pid= method
|
@@ -111,7 +103,18 @@ class Unicorn::HttpServer
|
|
111
103
|
# monitoring tools may also rely on pid files existing before we
|
112
104
|
# attempt to connect to the listener(s)
|
113
105
|
config.commit!(self, :skip => [:listeners, :pid])
|
114
|
-
|
106
|
+
@orig_app = app
|
107
|
+
# list of signals we care about and trap in master.
|
108
|
+
@queue_sigs = [
|
109
|
+
:WINCH, :QUIT, :INT, :TERM, :USR1, :USR2, :HUP, :TTIN, :TTOU ]
|
110
|
+
|
111
|
+
@worker_data = if worker_data = ENV['UNICORN_WORKER']
|
112
|
+
worker_data = worker_data.split(',').map!(&:to_i)
|
113
|
+
worker_data[1] = worker_data.slice!(1..2).map do |i|
|
114
|
+
Kgio::Pipe.for_fd(i)
|
115
|
+
end
|
116
|
+
worker_data
|
117
|
+
end
|
115
118
|
end
|
116
119
|
|
117
120
|
# Runs the thing. Returns self so you can run join on it
|
@@ -119,13 +122,13 @@ class Unicorn::HttpServer
|
|
119
122
|
inherit_listeners!
|
120
123
|
# this pipe is used to wake us up from select(2) in #join when signals
|
121
124
|
# are trapped. See trap_deferred.
|
122
|
-
|
123
|
-
@master_pid = $$
|
125
|
+
@self_pipe.replace(Unicorn.pipe)
|
126
|
+
@master_pid = @worker_data ? Process.ppid : $$
|
124
127
|
|
125
128
|
# setup signal handlers before writing pid file in case people get
|
126
129
|
# trigger happy and send signals as soon as the pid file exists.
|
127
130
|
# Note that signals don't actually get handled until the #join method
|
128
|
-
|
131
|
+
@queue_sigs.each { |sig| trap(sig) { @sig_queue << sig; awaken_master } }
|
129
132
|
trap(:CHLD) { awaken_master }
|
130
133
|
|
131
134
|
# write pid early for Mongrel compatibility if we're not inheriting sockets
|
@@ -146,7 +149,7 @@ class Unicorn::HttpServer
|
|
146
149
|
def listeners=(listeners)
|
147
150
|
cur_names, dead_names = [], []
|
148
151
|
listener_names.each do |name|
|
149
|
-
if
|
152
|
+
if name.start_with?('/')
|
150
153
|
# mark unlinked sockets as dead so we can rebind them
|
151
154
|
(File.socket?(name) ? cur_names : dead_names) << name
|
152
155
|
else
|
@@ -158,9 +161,6 @@ class Unicorn::HttpServer
|
|
158
161
|
|
159
162
|
LISTENERS.delete_if do |io|
|
160
163
|
if dead_names.include?(sock_name(io))
|
161
|
-
IO_PURGATORY.delete_if do |pio|
|
162
|
-
pio.fileno == io.fileno && (pio.close rescue nil).nil? # true
|
163
|
-
end
|
164
164
|
(io.close rescue nil).nil? # true
|
165
165
|
else
|
166
166
|
set_server_sockopt(io, listener_opts[sock_name(io)])
|
@@ -198,7 +198,7 @@ class Unicorn::HttpServer
|
|
198
198
|
if path
|
199
199
|
if x = valid_pid?(path)
|
200
200
|
return path if pid && path == pid && x == $$
|
201
|
-
if x == reexec_pid && pid
|
201
|
+
if x == @reexec_pid && pid.end_with?('.oldbin')
|
202
202
|
logger.warn("will not set pid=#{path} while reexec-ed "\
|
203
203
|
"child is running PID:#{x}")
|
204
204
|
return
|
@@ -241,7 +241,7 @@ class Unicorn::HttpServer
|
|
241
241
|
begin
|
242
242
|
io = bind_listen(address, opt)
|
243
243
|
unless Kgio::TCPServer === io || Kgio::UNIXServer === io
|
244
|
-
|
244
|
+
io.autoclose = false
|
245
245
|
io = server_cast(io)
|
246
246
|
end
|
247
247
|
logger.info "listening on addr=#{sock_name(io)} fd=#{io.fileno}"
|
@@ -267,7 +267,7 @@ class Unicorn::HttpServer
|
|
267
267
|
# is signalling us too often.
|
268
268
|
def join
|
269
269
|
respawn = true
|
270
|
-
last_check =
|
270
|
+
last_check = time_now
|
271
271
|
|
272
272
|
proc_name 'master'
|
273
273
|
logger.info "master process ready" # test_exec.rb relies on this message
|
@@ -281,11 +281,11 @@ class Unicorn::HttpServer
|
|
281
281
|
end
|
282
282
|
begin
|
283
283
|
reap_all_workers
|
284
|
-
case
|
284
|
+
case @sig_queue.shift
|
285
285
|
when nil
|
286
286
|
# avoid murdering workers after our master process (or the
|
287
287
|
# machine) comes out of suspend/hibernation
|
288
|
-
if (last_check + @timeout) >= (last_check =
|
288
|
+
if (last_check + @timeout) >= (last_check = time_now)
|
289
289
|
sleep_time = murder_lazy_workers
|
290
290
|
else
|
291
291
|
sleep_time = @timeout/2.0 + 1
|
@@ -306,13 +306,13 @@ class Unicorn::HttpServer
|
|
306
306
|
when :USR2 # exec binary, stay alive in case something went wrong
|
307
307
|
reexec
|
308
308
|
when :WINCH
|
309
|
-
if
|
309
|
+
if $stdin.tty?
|
310
|
+
logger.info "SIGWINCH ignored because we're not daemonized"
|
311
|
+
else
|
310
312
|
respawn = false
|
311
313
|
logger.info "gracefully stopping all workers"
|
312
314
|
soft_kill_each_worker(:QUIT)
|
313
315
|
self.worker_processes = 0
|
314
|
-
else
|
315
|
-
logger.info "SIGWINCH ignored because we're not daemonized"
|
316
316
|
end
|
317
317
|
when :TTIN
|
318
318
|
respawn = true
|
@@ -339,8 +339,8 @@ class Unicorn::HttpServer
|
|
339
339
|
# Terminates all workers, but does not exit master process
|
340
340
|
def stop(graceful = true)
|
341
341
|
self.listeners = []
|
342
|
-
limit =
|
343
|
-
until
|
342
|
+
limit = time_now + timeout
|
343
|
+
until @workers.empty? || time_now > limit
|
344
344
|
if graceful
|
345
345
|
soft_kill_each_worker(:QUIT)
|
346
346
|
else
|
@@ -369,14 +369,6 @@ class Unicorn::HttpServer
|
|
369
369
|
Unicorn::TeeInput.client_body_buffer_size = bytes
|
370
370
|
end
|
371
371
|
|
372
|
-
def trust_x_forwarded
|
373
|
-
Unicorn::HttpParser.trust_x_forwarded?
|
374
|
-
end
|
375
|
-
|
376
|
-
def trust_x_forwarded=(bool)
|
377
|
-
Unicorn::HttpParser.trust_x_forwarded = bool
|
378
|
-
end
|
379
|
-
|
380
372
|
def check_client_connection
|
381
373
|
Unicorn::HttpRequest.check_client_connection
|
382
374
|
end
|
@@ -389,13 +381,17 @@ class Unicorn::HttpServer
|
|
389
381
|
|
390
382
|
# wait for a signal hander to wake us up and then consume the pipe
|
391
383
|
def master_sleep(sec)
|
392
|
-
|
393
|
-
|
384
|
+
@self_pipe[0].wait(sec) or return
|
385
|
+
# 11 bytes is the maximum string length which can be embedded within
|
386
|
+
# the Ruby itself and not require a separate malloc (on 32-bit MRI 1.9+).
|
387
|
+
# Most reads are only one byte here and uncommon, so it's not worth a
|
388
|
+
# persistent buffer, either:
|
389
|
+
@self_pipe[0].kgio_tryread(11)
|
394
390
|
end
|
395
391
|
|
396
392
|
def awaken_master
|
397
393
|
return if $$ != @master_pid
|
398
|
-
|
394
|
+
@self_pipe[1].kgio_trywrite('.') # wakeup master process from select
|
399
395
|
end
|
400
396
|
|
401
397
|
# reaps all unreaped workers
|
@@ -403,15 +399,14 @@ class Unicorn::HttpServer
|
|
403
399
|
begin
|
404
400
|
wpid, status = Process.waitpid2(-1, Process::WNOHANG)
|
405
401
|
wpid or return
|
406
|
-
if reexec_pid == wpid
|
402
|
+
if @reexec_pid == wpid
|
407
403
|
logger.error "reaped #{status.inspect} exec()-ed"
|
408
|
-
|
404
|
+
@reexec_pid = 0
|
409
405
|
self.pid = pid.chomp('.oldbin') if pid
|
410
406
|
proc_name 'master'
|
411
407
|
else
|
412
|
-
worker =
|
413
|
-
|
414
|
-
status.success? ? logger.info(m) : logger.error(m)
|
408
|
+
worker = @workers.delete(wpid) and worker.close rescue nil
|
409
|
+
@after_worker_exit.call(self, worker, status)
|
415
410
|
end
|
416
411
|
rescue Errno::ECHILD
|
417
412
|
break
|
@@ -420,13 +415,13 @@ class Unicorn::HttpServer
|
|
420
415
|
|
421
416
|
# reexecutes the START_CTX with a new binary
|
422
417
|
def reexec
|
423
|
-
if reexec_pid > 0
|
418
|
+
if @reexec_pid > 0
|
424
419
|
begin
|
425
|
-
Process.kill(0, reexec_pid)
|
426
|
-
logger.error "reexec-ed child already running PID
|
420
|
+
Process.kill(0, @reexec_pid)
|
421
|
+
logger.error "reexec-ed child already running PID:#@reexec_pid"
|
427
422
|
return
|
428
423
|
rescue Errno::ESRCH
|
429
|
-
|
424
|
+
@reexec_pid = 0
|
430
425
|
end
|
431
426
|
end
|
432
427
|
|
@@ -444,15 +439,8 @@ class Unicorn::HttpServer
|
|
444
439
|
end
|
445
440
|
end
|
446
441
|
|
447
|
-
|
448
|
-
listener_fds =
|
449
|
-
LISTENERS.each do |sock|
|
450
|
-
# IO#close_on_exec= will be available on any future version of
|
451
|
-
# Ruby that sets FD_CLOEXEC by default on new file descriptors
|
452
|
-
# ref: http://redmine.ruby-lang.org/issues/5041
|
453
|
-
sock.close_on_exec = false if sock.respond_to?(:close_on_exec=)
|
454
|
-
listener_fds[sock.fileno] = sock
|
455
|
-
end
|
442
|
+
@reexec_pid = fork do
|
443
|
+
listener_fds = listener_sockets
|
456
444
|
ENV['UNICORN_FD'] = listener_fds.keys.join(',')
|
457
445
|
Dir.chdir(START_CTX[:cwd])
|
458
446
|
cmd = [ START_CTX[0] ].concat(START_CTX[:argv])
|
@@ -460,16 +448,11 @@ class Unicorn::HttpServer
|
|
460
448
|
# avoid leaking FDs we don't know about, but let before_exec
|
461
449
|
# unset FD_CLOEXEC, if anything else in the app eventually
|
462
450
|
# relies on FD inheritence.
|
463
|
-
(
|
464
|
-
next if listener_fds.include?(io)
|
465
|
-
io = IO.for_fd(io) rescue next
|
466
|
-
prevent_autoclose(io)
|
467
|
-
io.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
|
468
|
-
end
|
451
|
+
close_sockets_on_exec(listener_fds)
|
469
452
|
|
470
453
|
# exec(command, hash) works in at least 1.9.1+, but will only be
|
471
454
|
# required in 1.9.4/2.0.0 at earliest.
|
472
|
-
cmd << listener_fds
|
455
|
+
cmd << listener_fds
|
473
456
|
logger.info "executing #{cmd.inspect} (in #{Dir.pwd})"
|
474
457
|
before_exec.call(self)
|
475
458
|
exec(*cmd)
|
@@ -477,11 +460,45 @@ class Unicorn::HttpServer
|
|
477
460
|
proc_name 'master (old)'
|
478
461
|
end
|
479
462
|
|
463
|
+
def worker_spawn(worker)
|
464
|
+
listener_fds = listener_sockets
|
465
|
+
env = {}
|
466
|
+
env['UNICORN_FD'] = listener_fds.keys.join(',')
|
467
|
+
|
468
|
+
listener_fds[worker.to_io.fileno] = worker.to_io
|
469
|
+
listener_fds[worker.master.fileno] = worker.master
|
470
|
+
|
471
|
+
worker_info = [worker.nr, worker.to_io.fileno, worker.master.fileno]
|
472
|
+
env['UNICORN_WORKER'] = worker_info.join(',')
|
473
|
+
|
474
|
+
close_sockets_on_exec(listener_fds)
|
475
|
+
|
476
|
+
Process.spawn(env, START_CTX[0], *START_CTX[:argv], listener_fds)
|
477
|
+
end
|
478
|
+
|
479
|
+
def listener_sockets
|
480
|
+
listener_fds = {}
|
481
|
+
LISTENERS.each do |sock|
|
482
|
+
sock.close_on_exec = false
|
483
|
+
listener_fds[sock.fileno] = sock
|
484
|
+
end
|
485
|
+
listener_fds
|
486
|
+
end
|
487
|
+
|
488
|
+
def close_sockets_on_exec(sockets)
|
489
|
+
(3..1024).each do |io|
|
490
|
+
next if sockets.include?(io)
|
491
|
+
io = IO.for_fd(io) rescue next
|
492
|
+
io.autoclose = false
|
493
|
+
io.close_on_exec = true
|
494
|
+
end
|
495
|
+
end
|
496
|
+
|
480
497
|
# forcibly terminate all workers that haven't checked in in timeout seconds. The timeout is implemented using an unlinked File
|
481
498
|
def murder_lazy_workers
|
482
499
|
next_sleep = @timeout - 1
|
483
|
-
now =
|
484
|
-
|
500
|
+
now = time_now.to_i
|
501
|
+
@workers.dup.each_pair do |wpid, worker|
|
485
502
|
tick = worker.tick
|
486
503
|
0 == tick and next # skip workers that haven't processed any clients
|
487
504
|
diff = now - tick
|
@@ -499,42 +516,50 @@ class Unicorn::HttpServer
|
|
499
516
|
end
|
500
517
|
|
501
518
|
def after_fork_internal
|
502
|
-
|
519
|
+
@self_pipe.each(&:close).clear # this is master-only, now
|
503
520
|
@ready_pipe.close if @ready_pipe
|
504
521
|
Unicorn::Configurator::RACKUP.clear
|
505
522
|
@ready_pipe = @init_listeners = @before_exec = @before_fork = nil
|
506
523
|
|
507
|
-
srand # http://redmine.ruby-lang.org/issues/4338
|
508
|
-
|
509
524
|
# The OpenSSL PRNG is seeded with only the pid, and apps with frequently
|
510
525
|
# dying workers can recycle pids
|
511
526
|
OpenSSL::Random.seed(rand.to_s) if defined?(OpenSSL::Random)
|
512
527
|
end
|
513
528
|
|
514
529
|
def spawn_missing_workers
|
530
|
+
if @worker_data
|
531
|
+
worker = Unicorn::Worker.new(*@worker_data)
|
532
|
+
after_fork_internal
|
533
|
+
worker_loop(worker)
|
534
|
+
exit
|
535
|
+
end
|
536
|
+
|
515
537
|
worker_nr = -1
|
516
538
|
until (worker_nr += 1) == @worker_processes
|
517
|
-
|
518
|
-
worker = Worker.new(worker_nr)
|
539
|
+
@workers.value?(worker_nr) and next
|
540
|
+
worker = Unicorn::Worker.new(worker_nr)
|
519
541
|
before_fork.call(self, worker)
|
520
|
-
|
521
|
-
|
522
|
-
|
523
|
-
|
542
|
+
|
543
|
+
pid = @worker_exec ? worker_spawn(worker) : fork
|
544
|
+
|
545
|
+
unless pid
|
524
546
|
after_fork_internal
|
525
547
|
worker_loop(worker)
|
526
548
|
exit
|
527
549
|
end
|
550
|
+
|
551
|
+
@workers[pid] = worker
|
552
|
+
worker.atfork_parent
|
528
553
|
end
|
529
|
-
|
530
|
-
|
531
|
-
|
554
|
+
rescue => e
|
555
|
+
@logger.error(e) rescue nil
|
556
|
+
exit!
|
532
557
|
end
|
533
558
|
|
534
559
|
def maintain_worker_count
|
535
|
-
(off =
|
560
|
+
(off = @workers.size - worker_processes) == 0 and return
|
536
561
|
off < 0 and return spawn_missing_workers
|
537
|
-
|
562
|
+
@workers.each_value { |w| w.nr >= worker_processes and w.soft_kill(:QUIT) }
|
538
563
|
end
|
539
564
|
|
540
565
|
# if we get any error, try to write something back to the client
|
@@ -559,43 +584,79 @@ class Unicorn::HttpServer
|
|
559
584
|
client.kgio_trywrite(err_response(code, @request.response_start_sent))
|
560
585
|
end
|
561
586
|
client.close
|
562
|
-
|
587
|
+
rescue
|
563
588
|
end
|
564
589
|
|
565
|
-
def
|
566
|
-
if @request.response_start_sent
|
567
|
-
|
590
|
+
def e103_response_write(client, headers)
|
591
|
+
response = if @request.response_start_sent
|
592
|
+
"103 Early Hints\r\n"
|
568
593
|
else
|
569
|
-
|
594
|
+
"HTTP/1.1 103 Early Hints\r\n"
|
570
595
|
end
|
596
|
+
|
597
|
+
headers.each_pair do |k, vs|
|
598
|
+
next if !vs || vs.empty?
|
599
|
+
values = vs.to_s.split("\n".freeze)
|
600
|
+
values.each do |v|
|
601
|
+
response << "#{k}: #{v}\r\n"
|
602
|
+
end
|
603
|
+
end
|
604
|
+
response << "\r\n".freeze
|
605
|
+
response << "HTTP/1.1 ".freeze if @request.response_start_sent
|
606
|
+
client.write(response)
|
607
|
+
end
|
608
|
+
|
609
|
+
def e100_response_write(client, env)
|
610
|
+
# We use String#freeze to avoid allocations under Ruby 2.1+
|
611
|
+
# Not many users hit this code path, so it's better to reduce the
|
612
|
+
# constant table sizes even for Ruby 2.0 users who'll hit extra
|
613
|
+
# allocations here.
|
614
|
+
client.write(@request.response_start_sent ?
|
615
|
+
"100 Continue\r\n\r\nHTTP/1.1 ".freeze :
|
616
|
+
"HTTP/1.1 100 Continue\r\n\r\n".freeze)
|
617
|
+
env.delete('HTTP_EXPECT'.freeze)
|
571
618
|
end
|
572
619
|
|
573
620
|
# once a client is accepted, it is processed in its entirety here
|
574
621
|
# in 3 easy steps: read request, call app, write app response
|
575
622
|
def process_client(client)
|
576
|
-
|
577
|
-
|
623
|
+
@request = Unicorn::HttpRequest.new
|
624
|
+
env = @request.read(client)
|
625
|
+
|
626
|
+
if early_hints
|
627
|
+
env["rack.early_hints"] = lambda do |headers|
|
628
|
+
e103_response_write(client, headers)
|
629
|
+
end
|
630
|
+
end
|
578
631
|
|
579
|
-
|
580
|
-
|
581
|
-
|
582
|
-
|
632
|
+
env["rack.after_reply"] = []
|
633
|
+
|
634
|
+
status, headers, body = @app.call(env)
|
635
|
+
|
636
|
+
begin
|
583
637
|
return if @request.hijacked?
|
638
|
+
|
639
|
+
if 100 == status.to_i
|
640
|
+
e100_response_write(client, env)
|
641
|
+
status, headers, body = @app.call(env)
|
642
|
+
return if @request.hijacked?
|
643
|
+
end
|
644
|
+
@request.headers? or headers = nil
|
645
|
+
http_response_write(client, status, headers, body, @request)
|
646
|
+
ensure
|
647
|
+
body.respond_to?(:close) and body.close
|
584
648
|
end
|
585
|
-
|
586
|
-
http_response_write(client, status, headers, body,
|
587
|
-
@request.response_start_sent)
|
649
|
+
|
588
650
|
unless client.closed? # rack.hijack may've close this for us
|
589
651
|
client.shutdown # in case of fork() in Rack app
|
590
652
|
client.close # flush and uncork socket immediately, no keepalive
|
591
653
|
end
|
592
654
|
rescue => e
|
593
655
|
handle_error(client, e)
|
656
|
+
ensure
|
657
|
+
env["rack.after_reply"].each(&:call) if env
|
594
658
|
end
|
595
659
|
|
596
|
-
EXIT_SIGS = [ :QUIT, :TERM, :INT ]
|
597
|
-
WORKER_QUEUE_SIGS = QUEUE_SIGS - EXIT_SIGS
|
598
|
-
|
599
660
|
def nuke_listeners!(readers)
|
600
661
|
# only called from the worker, ordering is important here
|
601
662
|
tmp = readers.dup
|
@@ -610,23 +671,22 @@ class Unicorn::HttpServer
|
|
610
671
|
def init_worker_process(worker)
|
611
672
|
worker.atfork_child
|
612
673
|
# we'll re-trap :QUIT later for graceful shutdown iff we accept clients
|
613
|
-
|
614
|
-
exit!(0)
|
615
|
-
|
674
|
+
exit_sigs = [ :QUIT, :TERM, :INT ]
|
675
|
+
exit_sigs.each { |sig| trap(sig) { exit!(0) } }
|
676
|
+
exit!(0) if (@sig_queue & exit_sigs)[0]
|
677
|
+
(@queue_sigs - exit_sigs).each { |sig| trap(sig, nil) }
|
616
678
|
trap(:CHLD, 'DEFAULT')
|
617
|
-
|
679
|
+
@sig_queue.clear
|
618
680
|
proc_name "worker[#{worker.nr}]"
|
619
681
|
START_CTX.clear
|
620
|
-
|
682
|
+
@workers.clear
|
621
683
|
|
622
684
|
after_fork.call(self, worker) # can drop perms and create listeners
|
623
|
-
LISTENERS.each { |sock| sock.
|
685
|
+
LISTENERS.each { |sock| sock.close_on_exec = true }
|
624
686
|
|
625
687
|
worker.user(*user) if user.kind_of?(Array) && ! worker.switched
|
626
|
-
self.timeout /= 2.0 # halve it for select()
|
627
688
|
@config = nil
|
628
689
|
build_app! unless preload_app
|
629
|
-
ssl_enable!
|
630
690
|
@after_fork = @listener_opts = @orig_app = nil
|
631
691
|
readers = LISTENERS.dup
|
632
692
|
readers << worker
|
@@ -638,58 +698,55 @@ class Unicorn::HttpServer
|
|
638
698
|
logger.info "worker=#{worker_nr} reopening logs..."
|
639
699
|
Unicorn::Util.reopen_logs
|
640
700
|
logger.info "worker=#{worker_nr} done reopening logs"
|
641
|
-
|
642
|
-
|
643
|
-
|
701
|
+
false
|
702
|
+
rescue => e
|
703
|
+
logger.error(e) rescue nil
|
704
|
+
exit!(77) # EX_NOPERM in sysexits.h
|
705
|
+
end
|
706
|
+
|
707
|
+
def prep_readers(readers)
|
708
|
+
wtr = Unicorn::Waiter.prep_readers(readers)
|
709
|
+
@timeout *= 500 # to milliseconds for epoll, but halved
|
710
|
+
wtr
|
711
|
+
rescue
|
712
|
+
require_relative 'select_waiter'
|
713
|
+
@timeout /= 2.0 # halved for IO.select
|
714
|
+
Unicorn::SelectWaiter.new
|
644
715
|
end
|
645
716
|
|
646
717
|
# runs inside each forked worker, this sits around and waits
|
647
718
|
# for connections and doesn't die until the parent dies (or is
|
648
719
|
# given a INT, QUIT, or TERM signal)
|
649
720
|
def worker_loop(worker)
|
650
|
-
ppid = master_pid
|
651
721
|
readers = init_worker_process(worker)
|
652
|
-
|
722
|
+
waiter = prep_readers(readers)
|
723
|
+
reopen = false
|
653
724
|
|
654
725
|
# this only works immediately if the master sent us the signal
|
655
726
|
# (which is the normal case)
|
656
|
-
trap(:USR1) {
|
727
|
+
trap(:USR1) { reopen = true }
|
657
728
|
|
658
729
|
ready = readers.dup
|
659
|
-
@
|
730
|
+
@after_worker_ready.call(self, worker)
|
660
731
|
|
661
732
|
begin
|
662
|
-
|
663
|
-
|
664
|
-
|
665
|
-
tmp = ready.dup
|
666
|
-
while sock = tmp.shift
|
733
|
+
reopen = reopen_worker_logs(worker.nr) if reopen
|
734
|
+
worker.tick = time_now.to_i
|
735
|
+
while sock = ready.shift
|
667
736
|
# Unicorn::Worker#kgio_tryaccept is not like accept(2) at all,
|
668
737
|
# but that will return false
|
669
738
|
if client = sock.kgio_tryaccept
|
670
739
|
process_client(client)
|
671
|
-
|
672
|
-
worker.tick = Time.now.to_i
|
740
|
+
worker.tick = time_now.to_i
|
673
741
|
end
|
674
|
-
break if
|
675
|
-
end
|
676
|
-
|
677
|
-
# make the following bet: if we accepted clients this round,
|
678
|
-
# we're probably reasonably busy, so avoid calling select()
|
679
|
-
# and do a speculative non-blocking accept() on ready listeners
|
680
|
-
# before we sleep again in select().
|
681
|
-
unless nr == 0
|
682
|
-
tmp = ready.dup
|
683
|
-
redo
|
742
|
+
break if reopen
|
684
743
|
end
|
685
744
|
|
686
|
-
|
687
|
-
|
688
|
-
|
689
|
-
worker.tick = Time.now.to_i
|
690
|
-
ret = IO.select(readers, nil, nil, @timeout) and ready = ret[0]
|
745
|
+
# timeout so we can .tick and keep parent from SIGKILL-ing us
|
746
|
+
worker.tick = time_now.to_i
|
747
|
+
waiter.get_readers(ready, readers, @timeout)
|
691
748
|
rescue => e
|
692
|
-
redo if
|
749
|
+
redo if reopen && readers[0]
|
693
750
|
Unicorn.log_error(@logger, "listen loop error", e) if readers[0]
|
694
751
|
end while readers[0]
|
695
752
|
end
|
@@ -698,17 +755,17 @@ class Unicorn::HttpServer
|
|
698
755
|
# is no longer running.
|
699
756
|
def kill_worker(signal, wpid)
|
700
757
|
Process.kill(signal, wpid)
|
701
|
-
|
702
|
-
|
758
|
+
rescue Errno::ESRCH
|
759
|
+
worker = @workers.delete(wpid) and worker.close rescue nil
|
703
760
|
end
|
704
761
|
|
705
762
|
# delivers a signal to each worker
|
706
763
|
def kill_each_worker(signal)
|
707
|
-
|
764
|
+
@workers.keys.each { |wpid| kill_worker(signal, wpid) }
|
708
765
|
end
|
709
766
|
|
710
767
|
def soft_kill_each_worker(signal)
|
711
|
-
|
768
|
+
@workers.each_value { |worker| worker.soft_kill(signal) }
|
712
769
|
end
|
713
770
|
|
714
771
|
# unlinks a PID file at given +path+ if it contains the current PID
|
@@ -726,11 +783,11 @@ class Unicorn::HttpServer
|
|
726
783
|
wpid <= 0 and return
|
727
784
|
Process.kill(0, wpid)
|
728
785
|
wpid
|
729
|
-
|
730
|
-
|
731
|
-
|
732
|
-
|
733
|
-
|
786
|
+
rescue Errno::EPERM
|
787
|
+
logger.info "pid=#{path} possibly stale, got EPERM signalling PID:#{wpid}"
|
788
|
+
nil
|
789
|
+
rescue Errno::ESRCH, Errno::ENOENT
|
790
|
+
# don't unlink stale pid files, racy without non-portable locking...
|
734
791
|
end
|
735
792
|
|
736
793
|
def load_config!
|
@@ -741,7 +798,7 @@ class Unicorn::HttpServer
|
|
741
798
|
config.commit!(self)
|
742
799
|
soft_kill_each_worker(:QUIT)
|
743
800
|
Unicorn::Util.reopen_logs
|
744
|
-
self.app = orig_app
|
801
|
+
self.app = @orig_app
|
745
802
|
build_app! if preload_app
|
746
803
|
logger.info "done reloading config_file=#{config.config_file}"
|
747
804
|
rescue StandardError, LoadError, SyntaxError => e
|
@@ -756,12 +813,12 @@ class Unicorn::HttpServer
|
|
756
813
|
end
|
757
814
|
|
758
815
|
def build_app!
|
759
|
-
if app.respond_to?(:arity) && app.arity == 0
|
816
|
+
if app.respond_to?(:arity) && (app.arity == 0 || app.arity == 2)
|
760
817
|
if defined?(Gem) && Gem.respond_to?(:refresh)
|
761
818
|
logger.info "Refreshing Gem list"
|
762
819
|
Gem.refresh
|
763
820
|
end
|
764
|
-
self.app = app.call
|
821
|
+
self.app = app.arity == 0 ? app.call : app.call(nil, self)
|
765
822
|
end
|
766
823
|
end
|
767
824
|
|
@@ -778,12 +835,23 @@ class Unicorn::HttpServer
|
|
778
835
|
def inherit_listeners!
|
779
836
|
# inherit sockets from parents, they need to be plain Socket objects
|
780
837
|
# before they become Kgio::UNIXServer or Kgio::TCPServer
|
781
|
-
inherited = ENV['UNICORN_FD'].to_s.split(
|
838
|
+
inherited = ENV['UNICORN_FD'].to_s.split(',')
|
839
|
+
|
840
|
+
# emulate sd_listen_fds() for systemd
|
841
|
+
sd_pid, sd_fds = ENV.values_at('LISTEN_PID', 'LISTEN_FDS')
|
842
|
+
if sd_pid.to_i == $$ # n.b. $$ can never be zero
|
843
|
+
# 3 = SD_LISTEN_FDS_START
|
844
|
+
inherited.concat((3...(3 + sd_fds.to_i)).to_a)
|
845
|
+
end
|
846
|
+
# to ease debugging, we will not unset LISTEN_PID and LISTEN_FDS
|
847
|
+
|
848
|
+
inherited.map! do |fd|
|
782
849
|
io = Socket.for_fd(fd.to_i)
|
850
|
+
io.autoclose = false
|
851
|
+
io = server_cast(io)
|
783
852
|
set_server_sockopt(io, listener_opts[sock_name(io)])
|
784
|
-
|
785
|
-
|
786
|
-
server_cast(io)
|
853
|
+
logger.info "inherited addr=#{sock_name(io)} fd=#{io.fileno}"
|
854
|
+
io
|
787
855
|
end
|
788
856
|
|
789
857
|
config_listeners = config[:listeners].dup
|
@@ -806,8 +874,20 @@ class Unicorn::HttpServer
|
|
806
874
|
# call only after calling inherit_listeners!
|
807
875
|
# This binds any listeners we did NOT inherit from the parent
|
808
876
|
def bind_new_listeners!
|
809
|
-
NEW_LISTENERS.each { |addr| listen(addr) }
|
877
|
+
NEW_LISTENERS.each { |addr| listen(addr) }.clear
|
810
878
|
raise ArgumentError, "no listeners" if LISTENERS.empty?
|
811
|
-
|
879
|
+
end
|
880
|
+
|
881
|
+
# try to use the monotonic clock in Ruby >= 2.1, it is immune to clock
|
882
|
+
# offset adjustments and generates less garbage (Float vs Time object)
|
883
|
+
begin
|
884
|
+
Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
885
|
+
def time_now
|
886
|
+
Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
887
|
+
end
|
888
|
+
rescue NameError, NoMethodError
|
889
|
+
def time_now # Ruby <= 2.0
|
890
|
+
Time.now
|
891
|
+
end
|
812
892
|
end
|
813
893
|
end
|