diff options
-rw-r--r-- | contrib/cirrus/lib.sh | 7 | ||||
-rwxr-xr-x | contrib/cirrus/runner.sh | 8 | ||||
-rw-r--r-- | pkg/api/handlers/compat/containers_attach.go | 33 | ||||
-rw-r--r-- | pkg/api/handlers/compat/exec.go | 31 | ||||
-rw-r--r-- | pkg/api/server/idle/tracker.go | 10 | ||||
-rw-r--r-- | pkg/api/server/server.go | 62 |
6 files changed, 90 insertions, 61 deletions
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index b57aee1af..23987938b 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -76,11 +76,12 @@ CIRRUS_CI="${CIRRUS_CI:-false}" DEST_BRANCH="${DEST_BRANCH:-master}" CONTINUOUS_INTEGRATION="${CONTINUOUS_INTEGRATION:-false}" CIRRUS_REPO_NAME=${CIRRUS_REPO_NAME:-podman} -CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-unknown$(date +%s)} # difficult to reliably discover +# N/B: CIRRUS_BASE_SHA is empty on branch and tag push. +CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-${CIRRUS_LAST_GREEN_CHANGE:-YOU_FOUND_A_BUG}} CIRRUS_BUILD_ID=${CIRRUS_BUILD_ID:-$RANDOM$(date +%s)} # must be short and unique -# Needed for linting and code validation -EPOCH_TEST_COMMIT=${CIRRUS_BASE_SHA:-$CIRRUS_LAST_GREEN_CHANGE} +# The starting place for linting and code validation +EPOCH_TEST_COMMIT="$CIRRUS_BASE_SHA" # Regex of env. vars. to explicitly pass when executing tests # inside a container or as a rootless user diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh index 82e512de9..17bb05019 100755 --- a/contrib/cirrus/runner.sh +++ b/contrib/cirrus/runner.sh @@ -179,7 +179,13 @@ case "$TEST_FLAVOR" in ext_svc) $SCRIPT_BASE/ext_svc_check.sh ;; smoke) make gofmt - make .gitvalidation + # There is little value to validating commits after tag-push + # and it's very difficult to automatically determine a starting commit. + # $CIRRUS_TAG is only non-empty when executing due to a tag-push + # shellcheck disable=SC2154 + if [[ -z "$CIRRUS_TAG" ]]; then + make .gitvalidation + fi ;; automation) $SCRIPT_BASE/cirrus_yaml_test.py diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go index 4a1196c89..a4013469b 100644 --- a/pkg/api/handlers/compat/containers_attach.go +++ b/pkg/api/handlers/compat/containers_attach.go @@ -92,30 +92,29 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { return } - idleTracker := r.Context().Value("idletracker").(*idle.Tracker) - hijackChan := make(chan bool, 1) + logErr := func(e error) { + logrus.Error(errors.Wrapf(e, "error attaching to container %s", ctr.ID())) + } // Perform HTTP attach. // HTTPAttach will handle everything about the connection from here on // (including closing it and writing errors to it). - if err := ctr.HTTPAttach(r, w, streams, detachKeys, nil, query.Stream, query.Logs, hijackChan); err != nil { - hijackComplete := <-hijackChan + hijackChan := make(chan bool, 1) + err = ctr.HTTPAttach(r, w, streams, detachKeys, nil, query.Stream, query.Logs, hijackChan) - // We can't really do anything about errors anymore. HTTPAttach - // should be writing them to the connection. - logrus.Errorf("Error attaching to container %s: %v", ctr.ID(), err) + if <-hijackChan { + // If connection was Hijacked, we have to signal it's being closed + t := r.Context().Value("idletracker").(*idle.Tracker) + defer t.Close() - if hijackComplete { - // We do need to tell the idle tracker that the - // connection has been closed, though. We can guarantee - // that is true after HTTPAttach exits. - idleTracker.Close() - } else { - // A hijack was not successfully completed. We need to - // report the error normally. - utils.InternalServerError(w, err) + if err != nil { + // Cannot report error to client as a 500 as the Upgrade set status to 101 + logErr(err) } + } else { + // If the Hijack failed we are going to assume we can still inform client of failure + utils.InternalServerError(w, err) + logErr(err) } - logrus.Debugf("Attach for container %s completed successfully", ctr.ID()) } diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index df51293c2..cc5db8efe 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -174,25 +174,26 @@ func ExecStartHandler(w http.ResponseWriter, r *http.Request) { return } - idleTracker := r.Context().Value("idletracker").(*idle.Tracker) - hijackChan := make(chan bool, 1) + logErr := func(e error) { + logrus.Error(errors.Wrapf(e, "error attaching to container %s exec session %s", sessionCtr.ID(), sessionID)) + } - if err := sessionCtr.ExecHTTPStartAndAttach(sessionID, r, w, nil, nil, nil, hijackChan); err != nil { - hijackComplete := <-hijackChan + hijackChan := make(chan bool, 1) + err = sessionCtr.ExecHTTPStartAndAttach(sessionID, r, w, nil, nil, nil, hijackChan) - logrus.Errorf("Error attaching to container %s exec session %s: %v", sessionCtr.ID(), sessionID, err) + if <-hijackChan { + // If connection was Hijacked, we have to signal it's being closed + t := r.Context().Value("idletracker").(*idle.Tracker) + defer t.Close() - if hijackComplete { - // We do need to tell the idle tracker that the - // connection has been closed, though. We can guarantee - // that is true after HTTPAttach exits. - idleTracker.Close() - } else { - // A hijack was not successfully completed. We need to - // report the error normally. - utils.InternalServerError(w, err) + if err != nil { + // Cannot report error to client as a 500 as the Upgrade set status to 101 + logErr(err) } + } else { + // If the Hijack failed we are going to assume we can still inform client of failure + utils.InternalServerError(w, err) + logErr(err) } - logrus.Debugf("Attach for container %s exec session %s completed successfully", sessionCtr.ID(), sessionID) } diff --git a/pkg/api/server/idle/tracker.go b/pkg/api/server/idle/tracker.go index 1b378c492..50e41b7bf 100644 --- a/pkg/api/server/idle/tracker.go +++ b/pkg/api/server/idle/tracker.go @@ -61,10 +61,14 @@ func (t *Tracker) ConnState(conn net.Conn, state http.ConnState) { oldActive := t.ActiveConnections() // Either the server or a hijacking handler has closed the http connection to a client - if _, found := t.managed[conn]; found { - delete(t.managed, conn) - } else { + if conn == nil { t.hijacked-- // guarded by t.mux above + } else { + if _, found := t.managed[conn]; found { + delete(t.managed, conn) + } else { + logrus.Warnf("IdleTracker %p: StateClosed transition by un-managed connection", conn) + } } // Transitioned from any "active" connection to no connections diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go index 09a9f6370..355a46fb7 100644 --- a/pkg/api/server/server.go +++ b/pkg/api/server/server.go @@ -8,9 +8,9 @@ import ( "net/http" "os" "os/signal" - "runtime" goRuntime "runtime" "strings" + "sync" "syscall" "time" @@ -42,13 +42,19 @@ const ( UnlimitedServiceDuration = 0 * time.Second ) +// shutdownOnce ensures Shutdown() may safely be called from several go routines +var shutdownOnce sync.Once + // NewServer will create and configure a new API server with all defaults func NewServer(runtime *libpod.Runtime) (*APIServer, error) { return newServer(runtime, DefaultServiceDuration, nil) } // NewServerWithSettings will create and configure a new API server using provided settings -func NewServerWithSettings(runtime *libpod.Runtime, duration time.Duration, listener *net.Listener) (*APIServer, error) { +func NewServerWithSettings(runtime *libpod.Runtime, duration time.Duration, listener *net.Listener) ( + *APIServer, + error, +) { return newServer(runtime, duration, listener) } @@ -180,7 +186,7 @@ func (s *APIServer) Serve() error { go func() { <-s.idleTracker.Done() - logrus.Debugf("API Server idle for %v", s.idleTracker.Duration) + logrus.Debugf("API Server idle for %s", s.idleTracker.Duration.Round(time.Second).String()) _ = s.Shutdown() }() @@ -224,31 +230,43 @@ func (s *APIServer) Serve() error { // Shutdown is a clean shutdown waiting on existing clients func (s *APIServer) Shutdown() error { if s.idleTracker.Duration == UnlimitedServiceDuration { - logrus.Debug("APIServer.Shutdown ignored as Duration is UnlimitedService.") + logrus.Debug("APIServer.Shutdown ignored as Duration is UnlimitedService") return nil } - // Gracefully shutdown server(s), duration of wait same as idle window - // TODO: Should we really wait the idle window for shutdown? - ctx, cancel := context.WithTimeout(context.Background(), s.idleTracker.Duration) - defer cancel() + shutdownOnce.Do(func() { + if logrus.IsLevelEnabled(logrus.DebugLevel) { + _, file, line, _ := goRuntime.Caller(1) + logrus.Debugf("APIServer.Shutdown by %s:%d, %d/%d connection(s)", + file, line, s.idleTracker.ActiveConnections(), s.idleTracker.TotalConnections()) - if logrus.IsLevelEnabled(logrus.DebugLevel) { - _, file, line, _ := runtime.Caller(1) - logrus.Debugf("APIServer.Shutdown by %s:%d, %d/%d connection(s)", - file, line, s.idleTracker.ActiveConnections(), s.idleTracker.TotalConnections()) - if err := s.pprof.Shutdown(ctx); err != nil { - logrus.Warn("Failed to cleanly shutdown pprof Server: " + err.Error()) + go func() { + ctx, cancel := context.WithTimeout(context.Background(), s.idleTracker.Duration) + go func() { + defer cancel() + if err := s.pprof.Shutdown(ctx); err != nil { + logrus.Warn( + errors.Wrapf(err, "failed to cleanly shutdown pprof Server")) + } + }() + <-ctx.Done() + }() } - } - go func() { - err := s.Server.Shutdown(ctx) - if err != nil && err != context.Canceled && err != http.ErrServerClosed { - logrus.Error("Failed to cleanly shutdown APIServer: " + err.Error()) - } - }() - <-ctx.Done() + // Gracefully shutdown server(s), duration of wait same as idle window + ctx, cancel := context.WithTimeout(context.Background(), s.idleTracker.Duration) + go func() { + defer cancel() + + err := s.Server.Shutdown(ctx) + if err != nil && err != context.Canceled && err != http.ErrServerClosed { + logrus.Error( + errors.Wrapf(err, "failed to cleanly shutdown APIServer")) + } + }() + <-ctx.Done() + }) + return nil } |