about summary refs log tree commit homepage
DateCommit message (Collapse)
2013-10-25tests: limit oobgc check to accepted sockets
Otherwise these tests fail if we start using IO#autoclose=true on Ruby 1.9 (and also if we use IPv6 sockets for tests).
2013-10-24attempt to rename PID file when possible
This will preserve mtime on successful renames for comparisions. While we're at it, avoid writing the new PID until the listeners are inherited successfully. This can be useful to avoid accidentally clobbering a good PID if binding the listener or building the app (preload_app==true) fails
2013-10-20workaround reopen atomicity issues for stdio vs non-stdio
In multithreaded apps, we must use dup2/dup3 with a temporary descriptor to reopen log files atomically. This is the only way to protect all concurrent userspace access to a file when reopening. ref: http://bugs.ruby-lang.org/issues/9036 ref: yahns commit bcb10abe53cfb1d6a8ef7daef59eb10ced397c8a
2013-09-30Rakefile: kill raa_update task
RAA is dead.
2013-09-11tests: upgrade several gems (rack, kgio, raindrops)
All tests seem to pass.
2013-09-04Sandbox: document SIGUSR2 + bundler issue with 2.0.0
Thanks to Eric Chapweske for the heads up. ref: http://mid.gmane.org/loom.20130904T205308-432@post.gmane.org
2013-08-17test_util: fix encoding test for Ruby trunk (2.1.0dev)
As of r40610 in ruby trunk, internal encoding is ignored if external coding is ASCII-8BIT (binary) ref: r40610 http://svn.ruby-lang.org/repos/ruby/trunk
2013-08-17http_server: improve handling of client-triggerable socket errors
We do not attempt to write HTTP responses for socket errors if clients disconnect from us unexpectedly. Additionally, we do not hide backtraces EINVAL/EBADF errors, since they are indicative of real bugs which must be fixed. We do continue to hide hide EOF, ECONNRESET, ENOTCONN, and EPIPE because clients (even "friendly") ones will break connections due to client crashes or network failure (which is common for me :P), and the backtraces from those will cause excessive logging and even become a DoS vector.
2013-06-21unicorn 4.6.3 - fix --no-default-middleware option v4.6.3
Thanks to Micah Chalmer for this fix. There are also minor documentation updates and internal cleanups.
2013-06-07Make -N/--no-default-middleware option work
This fixes the -N (a.k.a. --no-defaut-middleware) option, which was not working. The problem was that Unicorn::Configurator::RACKUP is cleared before the lambda returned by Unicorn.builder is run, which means that checking whether the :no_default_middleware option was set from the lambda could not detect anything. This patch copies it to a local variable that won't get clobbered, restoring the feature. [ew: squashed test commit into the fix, whitespace fixes] Signed-off-by: Eric Wong <normalperson@yhbt.net>
2013-05-08HttpParser#next? becomes response_start_sent-aware
This could allow servers with persistent connection support[1] to support our check_client_connection in the future. [1] - Rainbows!/zbatery, possibly others
2013-05-04test_signals: increase delay between Process.kill
Otherwise, the signalled process may take too long to react to and process all the signals on machines with few CPUs.
2013-04-05doc: update documentation for systemd + PrivateTmp users
The PrivateTmp feature of systemd breaks the usage of /tmp for the shared Unix domain socket between nginx and unicorn, so discourage the use of /tmp in that case. While we're at it, use consistent paths for everything and use an obviously intended-for-user-customization "/path/to" prefix instead of "/tmp" ML-Ref: CAKLVLx_t+9zWMhquMWDfStrxS7xrNoGmN0ZDsjSCUE=VxU+oyQ@mail.gmail.com Reported-by: David Wilkins <dwilkins@conecuh.com>
2013-02-26unicorn 4.6.2 - HTTP parser fix for Rainbows! v4.6.2
This release fixes a bug in Unicorn::HttpParser#filter_body which affected some configurations of Rainbows! There is also a minor size reduction in the DSO.
2013-02-26http: avoid frozen string bug in filter_body
Our rb_str_modify() became no-ops due to incomplete reverts of workarounds for old Rubinius, causing rb_str_set_len to fail with: can't set length of shared string (RuntimeError) This bug was introduced due to improper workarounds for old versions of Rubinius in 2009 and 2010: commit 5e8979ad38efdc4de3a69cc53aea33710d478406 ("http: cleanups for latest Rubinius") commit f37c23704cb73d57e9e478295d1641df1d9104c7 ("http: no-op rb_str_modify() for Rubies without it")
2013-02-24httpdate: minor size reduction in DSO
Extra pointers waste space in the DSO. Normally I wouldn't care, but the string lengths are identical and this code already made it into another project in this form. size(1) output: text data bss dec hex filename before: 42881 2040 336 45257 b0c9 unicorn_http.so after: 42499 1888 336 44723 aeb3 unicorn_http.so ref: http://www.akkadia.org/drepper/dsohowto.pdf
2013-02-21unicorn 4.6.1 - minor cleanups v4.6.1
Unicorn::Const::UNICORN_VERSION is now auto-generated from GIT-VERSION-GEN and always correct. Minor cleanups for hijacking.
2013-02-09http_request: drop conditional assignment for hijack
As far as I can tell, this was never necessary.
2013-02-08http_request: remove FIXME for rack.version clarification
commit a9474624a148fe58e0944664190b259787dcf51e in rack.git
2013-02-08auto-generate Unicorn::Const::UNICORN_VERSION
This DRYs out our code and prevents snafus like the 4.6.0 release where UNICORN_VERSION stayed at 4.5.0 Reported-by: Maurizio De Santis <m.desantis@morganspa.com>
2013-02-06unicorn 4.6.0 - hijacking support v4.6.0
This pre-release adds hijacking support for Rack 1.5 users. See Rack documentation for more information about hijacking. There is also a new --no-default-middleware/-N option for the `unicorn' command to ignore RACK_ENV within unicorn thanks to Lin Jen-Shin. There are only documentation and test-portability updates since 4.6.0pre1, no code changes.
2013-02-04tests: "wc -l" portability for *BSDs
On FreeBSD 9.0, "wc -l" emits leading whitespace, so filter it through tr -d '[:space:]' to eliminate it.
2013-02-04tests: "wc -c" portability for *BSDs
On FreeBSD 9.0, "wc -c" emits leading whitespace, so filter it through tr -d '[:space:]' to eliminate it. This is commit 8a6117a22a7d01eeb5adc63d3152acf435cd3176 in rainbows.git
2013-02-04tests: replace non-portable "date +%s" with ruby equivalent
"date +%s" is not in POSIX (it is in GNU, and at least FreeBSD 9.0, possibly earlier). The Ruby equivalent should be sufficiently portable between different Ruby versions. This change was automated via: perl -i -p -e 's/date \+%s/unix_time/' t/*.sh This is commit 0ba6fc3c30b9cf530faf7fcf5ce7be519ec13fe7 in rainbows.git
2013-02-04tests: remove utee
POSIX already stipulates tee(1) must be unbuffered. I think my decision to use utee was due to my being misled by a bug in older curl where -N did not work as advertised (but --no-buffer did). N.B. we don't use tee in unicorn tests, this just matches commit cbff7b0892148b037581541184364e0e91d2a138 in rainbows
2013-01-29manpage: update middleware-related documentation
-N/--no-default-middleware needs a corresponding manpage entry. Additionally, the Rack::Chunked/ContentLength middleware comment is out-of-date as of unicorn v4.1.0
2013-01-29unicorn 4.6.0pre1 - hijacking support v4.6.0pre1
This pre-release adds hijacking support for Rack 1.5 users. See Rack documentation for more information about hijacking. There is also a new --no-default-middleware/-N option for the `unicorn' command to ignore RACK_ENV within unicorn.
2013-01-29Merge branch 'hijack'
* hijack: ignore normal Rack response at request-time hijack support for Rack hijack in request and response
2013-01-29Add -N or --no-default-middleware option.
This would prevent Unicorn from adding default middleware, as if RACK_ENV were always none. (not development nor deployment) This should also be applied to `rainbows' and `zbatery' as well. One of the reasons to add this is to avoid conflicting RAILS_ENV and RACK_ENV. It would be helpful in the case where a Rails application and Rack application are composed together, while we want Rails app runs under development and Rack app runs under none (if we don't want those default middleware), and we don't really want to make RAILS_ENV set to development and RACK_ENV to none because it might be confusing. Note that Rails would also look into RACK_ENV. Another reason for this is that only `rackup' would be inserting those default middleware. Both `thin' and `puma' would not do this, nor does Rack::Handler.get.run which is used in Sinatra. So using this option would make it work differently from `rackup' but somehow more similar to `thin' or `puma'. Discussion thread on the mailing list: http://rubyforge.org/pipermail/mongrel-unicorn/2013-January/001675.html Signed-off-by: Eric Wong <normalperson@yhbt.net>
2013-01-29test_exec: do not count '\n' as column width
This off-by-one error was incorrectly rejecting a line which would've been readable without wrapping on an 80-column terminal.
2013-01-29tests: upgrade to rack 1.5.1
This fixes a Rack::Lint regression discovered in t0005.
2013-01-22ignore normal Rack response at request-time hijack
Once a connection is hijacked, we ignore it completely and leave the connection at the mercy of the application.
2013-01-22support for Rack hijack in request and response
Rack 1.5.0 (protocol version [1,2]) adds support for hijacking the client socket (removing it from the control of unicorn (or any other Rack webserver)). Tested with rack 1.5.0.
2013-01-22tests: version bumps for rack, kgio, and raindrops
Ensure the latest versions work in tests.
2013-01-07tests: bump tests to use rack 1.4.3
It's the latest and greatest! \o/
2012-12-07unicorn 4.5.0 - check_client_connection option v4.5.0
The new check_client_connection option allows unicorn to detect most disconnected local clients before potentially expensive application processing begins. This feature is useful for applications experiencing spikes of traffic leading to undesirable queue times, as clients will disconnect (and perhaps even retry, compounding the problem) before unicorn can even start processing the request. To enable this feature, add the following line to a unicorn config file: check_client_connection true This feature only works when nginx (or any other HTTP/1.0+ client) is on the same machine as unicorn. A huge thanks to Tom Burns for implementing and testing this change in production with real traffic (including mitigating an unexpected DoS attack). ref: http://mid.gmane.org/CAK4qKG3rkfVYLyeqEqQyuNEh_nZ8yw0X_cwTxJfJ+TOU+y8F+w@mail.gmail.com This release fixes broken Rainbows! compatibility in 4.5.0pre1.
2012-12-04gemspec: enable licenses metadata attribute
This enables compatibility with metadata scanners such as LicenseFinder[1]. The previously commented-out accessor was commented out in September 2009 when ancient RubyGems were more prevalent. By now (December 2012), those ancient versions of RubyGems are unlikely to be around. [1] https://github.com/pivotal/LicenseFinder [ew: rewritten commit message] Signed-off-by: Eric Wong <normalperson@yhbt.net>
2012-12-04README: clarify license and copyright
Since Ruby 1.9.3, (Matz) Ruby is licensed under a 2-clause BSDL. Thus we need to clarify we inherited the license terms from Ruby 1.8 to prevent misunderstanding. (The Ruby license change cannot alter the license of other projects automatically) Since we added the GPLv3 as an additional license in 2011, the license terms of unicorn no longer matches Mongrel 1.1.5. This is NOT a change to the unicorn license at all, just a wording clarification.
2012-12-04fix const error responses for Rainbows!
Rainbows! relies on the ERROR_XXX_RESPONSE constants of unicorn 4.x. Changing the constants in unicorn 4.x will break existing versions of Rainbows!, so remove the dependency on the constants and generate the error response dynamically. Unlike Mongrel, unicorn is unlikely to see malicious traffic and thus unlikely to benefit from making error messages constant. For unicorn 5.x, we will drop these constants entirely. (Rainbows! most likely cannot support check_client_connection consistently across all concurrency models since some of them pessimistically buffer all writes in userspace. However, the extra concurrency of Rainbows! makes it less likely to be overloaded than unicorn, so this feature is likely less useful for Rainbows!)
2012-11-29unicorn 4.5.0pre1 - check_client_connection option v4.5.0pre1
The new check_client_connection option allows unicorn to detect most disconnected clients before potentially expensive application processing begins. This feature is useful for applications experiencing spikes of traffic leading to undesirable queue times, as clients will disconnect (and perhaps even retry, compounding the problem) before unicorn can even start processing the request. To enable this feature, add the following line to a unicorn config file: check_client_connection true A huge thanks to Tom Burns for implementing and testing this change in production with real traffic (including mitigating an unexpected DoS attack).
2012-11-29check_client_connection: document local-only requirement
In my testing, only dropped clients over Unix domain sockets or loopback TCP were detected with this option. Since many nginx+unicorn combinations run on the same host, this is not a problem. Furthermore, tcp_nodelay:true appears to work over loopback, so remove the requirement for tcp_nodelay:false.
2012-11-29Begin writing HTTP request headers early to detect disconnected clients
This patch checks incoming connections and avoids calling the application if the connection has been closed. It works by sending the beginning of the HTTP response before calling the application to see if the socket can successfully be written to. By enabling this feature users can avoid wasting application rendering time only to find the connection is closed when attempting to write, and throwing out the result. When a client disconnects while being queued or processed, Nginx will log HTTP response 499 but the application will log a 200. Enabling this feature will minimize the time window during which the problem can arise. The feature is disabled by default and can be enabled by adding 'check_client_connection true' to the unicorn config. [ew: After testing this change, Tom Burns wrote: So we just finished the US Black Friday / Cyber Monday weekend running unicorn forked with the last version of the patch I had sent you. It worked splendidly and helped us handle huge flash sales without increased response time over the weekend. Whereas in previous flash traffic scenarios we would see the number of HTTP 499 responses grow past the number of real HTTP 200 responses, over the weekend we saw no growth in 499s during flash sales. Unexpectedly the patch also helped us ward off a DoS attack where the attackers were disconnecting immediately after making a request. ref: <CAK4qKG3rkfVYLyeqEqQyuNEh_nZ8yw0X_cwTxJfJ+TOU+y8F+w@mail.gmail.com> ] Signed-off-by: Eric Wong <normalperson@yhbt.net>
2012-11-13tests: remove assert_nothing_raised (part 2)
assert_nothing_raised ends up hiding errors and backtraces, making things harder to debug. Since Test::Unit already fails on uncaught exceptions, there is no need to assert on the lack of exceptions for a successful test run. This is a followup to commit 5acf5522295c947d3118926d1a1077007f615de9
2012-10-11Rakefile: fm_update task updated for HTTPS
Freecode.com now requires HTTPS.
2012-10-11unicorn 4.4.0 - minor updates v4.4.0
Non-regular files are no longer reopened on SIGUSR1. This allows users to specify FIFOs as log destinations. TCP_NOPUSH/TCP_CORK is no longer set/unset by default. Use :tcp_nopush explicitly with the "listen" directive if you wish to enable TCP_NOPUSH/TCP_CORK. Listen sockets are now bound _after_ loading the application for preload_app(true) users. This prevents load balancers from sending traffic to an application server while the application is still loading. There are also minor test suite cleanups.
2012-10-01util: only consider regular files as logs
If a user specifies a non-regular file for stderr_path or stdout_path, we should not attempt to reopen or chown it. This should also allow users to specify FIFOs as log destinations.
2012-08-06avoid assert_nothing_raised in unit tests
It's better to show errors and backtraces when stuff breaks
2012-08-06do not touch TCP_NOPUSH/TCP_CORK at all by default
On a certain FreeBSD 8.1 installation, explicitly setting TCP_NOPUSH to zero (off) can cause EADDRNOTAVAIL errors and also resets the listen backlog to 5. Enabling TCP_NOPUSH explicitly did not exhibit this issue for the user who (privately) reported this issue. To be on the safe side, we won't set/unset TCP_NOPUSH/TCP_CORK at all, which will leave it off on all current systems.
2012-08-02bind listeners after loading for preload_app users
In the case where preload_app is true, delay binding new listeners until after loading the application. Some applications have very long load times (especially Rails apps with Ruby 1.9.2). Binding listeners early may cause a load balancer to incorrectly believe the unicorn workers are ready to serve traffic even while the app is being loaded. Once a listener is bound, connect() requests from the load balancer succeed until the listen backlog is filled. This allows requests to pile up for a bit (depending on backlog size) before getting rejected by the kernel. By the time the application is loaded and ready-to-run, requests in the listen backlog are likely stale and not useful to process. Processes inheriting listeners do not suffer this effect, as the old process should still be capable of serving new requests. This change does not improve the situation for the preload_app=false (default) use case. There may not be a solution for preload_app=false users using large applications. Fortunately Ruby 1.9.3+ improves load times of large applications significantly over 1.9.2 so this should be less of a problem in the future. Reported via private email sent on 2012-06-29T22:59:10Z
2012-07-28remove Rails-oriented integration tests
It's too much overhead to keep Rails-specific tests working, especially when it's hauling in an ancient version of SQLite3. Since Rails 3 has settled down with Rack and unicorn_rails is unlikely to need changing in the future, we can drop these tests.