Date | Commit message (Collapse) |
|
Mostly identical to 5.5.0.pre1, which I didn't hear any feedback
from:
https://bogomips.org/unicorn-public/20181220222842.GA27382@dcvr/
> Jeremy Evans contributed the "default_middleware" configuration option:
>
> https://bogomips.org/unicorn-public/20180913192055.GD48926@jeremyevans.local/
>
> Jeremy also contributed the ability to use separate groups for the process
> and log files:
>
> https://bogomips.org/unicorn-public/20180913192449.GE48926@jeremyevans.local/
>
> There's also a couple of uninteresting minor optimizations and
> documentation additions.
Otherwise, there's one extra change to use
rb_gc_register_mark_object which is finally a documented part of
the Ruby C-API, but has existed since the 1.9 days.
|
|
Jeremy Evans contributed the "default_middleware" configuration option:
https://bogomips.org/unicorn-public/20180913192055.GD48926@jeremyevans.local/
Jeremy also contributed the ability to use separate groups for the process
and log files:
https://bogomips.org/unicorn-public/20180913192449.GE48926@jeremyevans.local/
There's also a couple of uninteresting minor optimizations and
documentation additions.
Eric Wong (10):
remove random seed reset atfork
use IO#wait instead of kgio_wait_readable
Merge branch '5.4-stable'
shrink pipes under Linux
socket_helper: add hint for FreeBSD users for accf_http(9)
tests: ensure -N/--no-default-middleware not supported in config.ru
doc: update more URLs to use HTTPS and avoid redirects
deduplicate strings VM-wide in Ruby 2.5+
doc/ISSUES: add links to git clone-able mail archives of our dependencies
README: minor updates and additional disclaimer
Jeremy Evans (2):
Make Worker#user support different process primary group and log file group
Support default_middleware configuration option
|
|
This release quiets some warnings for Ruby 2.6 preview releases
and enables tests to pass under Ruby 1.9.3. Otherwise, nothing
interesting for Ruby 2.0..2.5 users. *YAWN*
Eric Wong (1):
quiet some mismatched indentation warnings
Fumiaki MATSUSHIMA (1):
Use IO#wait instead to fix test for Ruby 1.9
|
|
Rack hijack support improves as the app code can capture and use
the Rack `env' privately without copying it (to avoid clobbering
by another client). Thanks to Sam Saffron for reporting and
testing this new feature:
https://bogomips.org/unicorn-public/CAAtdryPG3nLuyo0jxfYW1YHu1Q+ZpkLkd4KdWC8vA46B5haZxw@mail.gmail.com/T/
We also now support $DEBUG being set by the Rack app (instead of
relying on the "-d" CLI switch). Thanks to James P Robinson Jr
for reporting this bug:
https://bogomips.org/unicorn-public/D6324CB4.7BC3E%25james.robinson3@cigna.com/T/
(Coincidentally, this fix will be irrelevant for Ruby 2.5
which requires 'pp' by default)
There's a few minor test cleanups and documentation updates, too.
All commits since v5.3.1 (2017-10-03):
reduce method calls with String#start_with?
require 'pp' if $DEBUG is set by Rack app
avoid reusing env on hijack
tests: cleanup some unused variable warnings
ISSUES: add a note about Debian BTS interopability
Roughly all mailing discussions since the last release:
https://bogomips.org/unicorn-public/?q=d:20171004..20171223
|
|
A couple of portability fixes from Dylan Thacker-Smith and
Jeremy Evans since 5.3.0.pre1 over a week ago, but this looks
ready for a stable release, today.
When I started this over 8 years ago, I wondered if this would
just end up being an April Fools' joke. Guess not. I guess I
somehow tricked people into using a terribly marketed web server
that cannot talk directly to untrusted clients :x Anyways,
unicorn won't be able to handle slow clients 8 years from now,
either, or 80 years from now. And I vow never to learn to use
new-fangled things like epoll, kqueue, or threads :P
Anyways, this is a largish release with several new features,
and no backwards incompatibilities.
Simon Eskildsen contributed heavily using TCP_INFO under Linux
to implement the (now 5 year old) check_client_connection feature:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-check_client_connection
https://bogomips.org/unicorn-public/?q=s:check_client_connection&d:..20170401&x=t
This also led to FreeBSD and OpenBSD portability improvements in
one of our dependencies, raindrops:
https://bogomips.org/raindrops-public/20170323024829.GA5190@dcvr/T/#u
Jeremy Evans contributed several new features. First he
implemented after_worker_exit to aid debugging:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_exit
https://bogomips.org/unicorn-public/?q=s:after_worker_exit&d:..20170401&x=t#t
And then security-related features to isolate workers. Workers
may now chroot to drop access to the master filesystem, and the
new after_worker_ready configuration hook now exists to aid with
chroot support in workers:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_ready
https://bogomips.org/unicorn/Unicorn/Worker.html#method-i-user
https://bogomips.org/unicorn-public/?q=s:after_worker_ready&d:..20170401&x=t#t
https://bogomips.org/unicorn-public/?q=s:chroot&d:..20170401&x=t#t
Additionally, workers may run in a completely different VM space
(nullifying preload_app and any CoW savings) with the new
worker_exec option:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-worker_exec
https://bogomips.org/unicorn-public/?q=s:worker_exec&d:..20170401&x=t#t
There are also several improvements to FreeBSD and OpenBSD
support with the addition of these features.
shortlog of changes since v5.2.0 (2016-10-31):
Dylan Thacker-Smith (1):
Check for Socket::TCP_INFO constant before trying to get TCP_INFO
Eric Wong (30):
drop rb_str_set_len compatibility replacement
TUNING: document THP caveat for Linux users
tee_input: simplify condition for IO#write
remove response_start_sent
http_request: freeze constant strings passed IO#write
Revert "remove response_start_sent"
t/t0012-reload-empty-config.sh: access ivars directly if needed
t0011-active-unix-socket.sh: fix race condition in test
new test for check_client_connection
revert signature change to HttpServer#process_client
support "struct tcp_info" on non-Linux and Ruby 2.2+
unicorn_http: reduce rb_global_variable calls
oob_gc: rely on opt_aref_with optimization on Ruby 2.2+
http_request: reduce insn size for check_client_connection
freebsd: avoid EINVAL when setting accept filter
test-lib: expr(1) portability fix
tests: keep disabled tests defined
test_exec: SO_KEEPALIVE value only needs to be true
doc: fix links to raindrops project
http_request: support proposed Raindrops::TCP states on non-Linux
ISSUES: expand on mail archive info + subscription disclaimer
test_ccc: use a pipe to synchronize test
doc: remove private email support address
input: update documentation and hide internals.
http_server: initialize @pid ivar
gemspec: remove olddoc from build dependency
doc: add version annotations for new features
unicorn 5.3.0.pre1
doc: note after_worker_exit is also 5.3.0+
test_exec: SO_KEEPALIVE value only needs to be true (take #2)
Jeremy Evans (7):
Add after_worker_exit configuration option
Fix code example in after_worker_exit documentation
Add support for chroot to Worker#user
Add after_worker_ready configuration option
Add worker_exec configuration option
Don't pass a block for fork when forking workers
Check for SocketError on first ccc attempt
Simon Eskildsen (1):
check_client_connection: use tcp state on linux
|
|
A largish release with several new features.
Simon Eskildsen contributed heavily using TCP_INFO under Linux
to implement the (now 5 year old) check_client_connection feature:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-check_client_connection
https://bogomips.org/unicorn-public/?q=s:check_client_connection&d:..20170324&x=t
This also led to FreeBSD and OpenBSD portability improvements in
one of our dependencies, raindrops:
https://bogomips.org/raindrops-public/20170323024829.GA5190@dcvr/T/#u
Jeremy Evans contributed several new features. First he
implemented after_worker_exit to aid debugging:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_exit
https://bogomips.org/unicorn-public/?q=s:after_worker_exit&d:..20170324&x=t#t
And then security-related features to isolate workers. Workers
may now chroot to drop access to the master filesystem, and the
new after_worker_ready configuration hook now exists to aid with
chroot support in workers:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_ready
https://bogomips.org/unicorn/Unicorn/Worker.html#method-i-user
https://bogomips.org/unicorn-public/?q=s:after_worker_ready&d:..20170324&x=t#t
https://bogomips.org/unicorn-public/?q=s:chroot&d:..20170324&x=t#t
Additionally, workers may run in a completely different VM space
(nullifying preload_app and any CoW savings) with the new
worker_exec option:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-worker_exec
https://bogomips.org/unicorn-public/?q=s:worker_exec&d:..20170324&x=t#t
There are also several improvements to FreeBSD and OpenBSD
support with the addition of these features.
34 changes since 5.2.0 (2016-10-31):
Eric Wong (27):
drop rb_str_set_len compatibility replacement
TUNING: document THP caveat for Linux users
tee_input: simplify condition for IO#write
remove response_start_sent
http_request: freeze constant strings passed IO#write
Revert "remove response_start_sent"
t/t0012-reload-empty-config.sh: access ivars directly if needed
t0011-active-unix-socket.sh: fix race condition in test
new test for check_client_connection
revert signature change to HttpServer#process_client
support "struct tcp_info" on non-Linux and Ruby 2.2+
unicorn_http: reduce rb_global_variable calls
oob_gc: rely on opt_aref_with optimization on Ruby 2.2+
http_request: reduce insn size for check_client_connection
freebsd: avoid EINVAL when setting accept filter
test-lib: expr(1) portability fix
tests: keep disabled tests defined
test_exec: SO_KEEPALIVE value only needs to be true
doc: fix links to raindrops project
http_request: support proposed Raindrops::TCP states on non-Linux
ISSUES: expand on mail archive info + subscription disclaimer
test_ccc: use a pipe to synchronize test
doc: remove private email support address
input: update documentation and hide internals.
http_server: initialize @pid ivar
gemspec: remove olddoc from build dependency
doc: add version annotations for new features
Jeremy Evans (6):
Add after_worker_exit configuration option
Fix code example in after_worker_exit documentation
Add support for chroot to Worker#user
Add after_worker_ready configuration option
Add worker_exec configuration option
Don't pass a block for fork when forking workers
Simon Eskildsen (1):
check_client_connection: use tcp state on linux
|
|
Most notably, this release allows us to support requests with
lines delimited by LF-only, as opposed to the standard CRLF
pair and allowed by RFC 2616 sec 19.3.
Thanks to Mishael A Sibiryakov for the explanation and change:
https://bogomips.org/unicorn-public/1476954332.1736.156.camel@junki.org/
Thanks to Let's Encrypt, the website also moves to HTTPS
<https://bogomips.org/unicorn/> to improve reader privacy. The
"unicorn.bogomips.org" subdomain will be retired soon to reduce
subjectAltName bloat and speed up certificate renewals.
There's also the usual round of documentation and example
updates, too.
Eric Wong (7):
examples/init.sh: update to reduce upgrade raciness
doc: systemd should only kill master in example
examples/logrotate.conf: update example for systemd
doc: update gmane URLs to point to our own archives
relocate website to https://bogomips.org/unicorn/
TODO: remove Rack 2.x item
build: "install-gem" target avoids network
Mishael A Sibiryakov (1):
Add some tolerance (RFC2616 sec. 19.3)
|
|
Note: no code changes since 5.1.0.pre1 from January.^WNo, wait,
last minute performance improvement added today. See below.
The big change is rack is not required (but still recommended).
Applications are expected to depend on rack on their own so they can
specify the version of rack they prefer without unicorn pulling
in a newer, potentially incompatible version.
unicorn will always attempt to work with multiple versions of rack
as practical.
The HTTP parser also switched to using the TypedData C-API for
extra type safety and memory usage accounting support in the
'objspace' extension.
Thanks to Adam Duke to bringing the rack change to our attention
and Aaron Patterson for helping with the matter.
Last minute change: we now support the new leftpad() syscall under
Linux for major performance and security improvement:
http://mid.gmane.org/1459463613-32473-1-git-send-email-richard@nod.at
8^H9 changes since 5.0.1:
http: TypedData C-API conversion
various documentation updates
doc: bump olddoc to ~> 1.2 for extra NNTP URL
rack is optional at runtime, required for dev
doc update for ClientShutdown exceptions class
unicorn 5.1.0.pre1 - rack is optional, again
doc: reference --keep-file-descriptors for "bundle exec"
doc: further trimming to reduce noise
use leftpad Linux syscall for speed!
|
|
The big change is rack is not required (but still recommended).
Applications are expected to depend on rack on their own so they can
specify the version of rack they prefer without unicorn pulling
in a newer, potentially incompatible version.
unicorn will always attempt to work with multiple versions of rack
as practical.
The HTTP parser also switched to using the TypedData C-API for
extra type safety and memory usage accounting support in the
'objspace' extension.
Thanks to Adam Duke to bringing the rack change to our attention
and Aaron Patterson for helping with the matter.
There might be more documentation-related changes before 5.1.0
final. I am considering dropping pandoc from manpage generation
and relying on pod2man (from Perl) because it has a wider install
base.
5 changes since v5.0.1:
http: TypedData C-API conversion
various documentation updates
doc: bump olddoc to ~> 1.2 for extra NNTP URL
rack is optional at runtime, required for dev
doc update for ClientShutdown exceptions class
|
|
Once again, we allow nil values in response headers. We've had
this bug since March 2009, and thus cannot expect existing
applications and middlewares running unicorn to fix this.
Unfortunately, supporting this bug contributes to application
server lock-in, but at least we'll document it as such.
Thanks to Owen Ou <o@heroku.com> for reporting this regression:
http://bogomips.org/unicorn-public/CAO47=rJa=zRcLn_Xm4v2cHPr6c0UswaFC_omYFEH+baSxHOWKQ@mail.gmail.com/
Additionally, systemd examples are now in the examples/ directory
based on a post by Christos Trochalakis <yatiohi@ideopolis.gr>:
http://bogomips.org/unicorn-public/20150708130821.GA1361@luke.ws.skroutz.gr/
|
|
An evolutionary dead-end since its announcement[1] nearly six years
ago, this old-fashioned preforker has had enough bugs and missteps
that it's managed to hit version 5!
I wish I could say unicorn 5 is leaps and bounds better than 4, but
it is not. This major version change allows us to drop some cruft
and unused features which accumulated over the years, resulting in
several kilobytes of memory saved[2]!
Compatibility:
* The horrible, proprietary (:P) "Status:" response header is
finally gone, saving at least 16 precious bytes in every HTTP
response. This should make it easier to write custom HTTP clients
which are compatible across all HTTP servers. It will hopefully
make migrating between different Rack servers easier for new
projects.
* Ruby 1.8 support removed. Ruby 1.9.3 is currently the earliest
supported version. However, expect minor, likely-unnoticeable
performance regressions if you use Ruby 2.1 or earlier. Going
forward, unicorn will favor the latest version (currently 2.2) of
the mainline Ruby implementation, potentially sacrificing
performance on older Rubies.
* Some internal, undocumented features and APIs used by
derivative servers are gone; removing bloat and slightly lowering
memory use. We have never and will never endorse the use of any
applications or middleware with a dependency on unicorn,
applications should be written for Rack instead.
Note: Rainbows! 5.0 will be released next week or so to be
compatible with unicorn 5.x
New features:
* sd_listen_fds(3) emulation added for systemd compatibility.
You may now stop using PID files and other process monitoring
software when using systemd.
* Newly-set TCP socket options are now applied to inherited sockets.
* Dynamic changes in the application to Rack::Utils::HTTP_STATUS
hash is now supported; allowing users to set custom status lines
in Rack to be reflected in unicorn. This feature causes a minor
performance regression, but is made up for Ruby 2.2 users with
other optimizations.
* The monotonic clock is used under Ruby 2.1+, making the
timeout feature immune to system clock changes.
As unicorn may be used anonymously without registration, the
project is committed to supporting anonymous and pseudonymous
help requests, contributions and feedback via plain-text mail to:
unicorn-public@bogomips.org
The mail submission port (587) is open to those behind firewalls
and allows access via Tor and anonymous remailers.
Archives are accessible via: http://bogomips.org/unicorn-public/
and mirrored to various other places, so you do not need to use
a valid address when posting.
Finally, rest assured the core design of unicorn will never change.
It will never use new-fangled things like threads, kqueue or epoll;
but will always remain a preforking server serving one client
per-process.
[1] http://mid.gmane.org/20090211230457.GB22926@dcvr.yhbt.net
[2] this would've been like, totally gnarly in the 80s!
|
|
There is a minor TCP socket options are now applied to inherited
sockets, and we have native support for inheriting sockets from
systemd (by emulating the sd_listen_fds(3) function).
Dynamic changes in the application to Rack::Utils::HTTP_STATUS
codes is now supported, so you can use your own custom status
lines.
Ruby 2.2 and later is now favored for performance.
Optimizations by using constants which made sense in earlier
versions of Ruby are gone: so users of old Ruby versions
will see performance regressions. Ruby 2.2 users should
see the same or better performance, and we have less code
as a result.
* doc: update some invalid URLs
* apply TCP socket options on inherited sockets
* reflect changes in Rack::Utils::HTTP_STATUS_CODES
* reduce constants and optimize for Ruby 2.2
* http_response: reduce size of multi-line header path
* emulate sd_listen_fds for systemd support
* test/unit/test_response.rb: compatibility with older test-unit
This also includes all changes in unicorn 5.0.0.pre1:
http://bogomips.org/unicorn-public/m/20150615225652.GA16164@dcvr.yhbt.net.html
|
|
This release finally drops Ruby 1.8 support and requires Ruby 1.9.3
or later. The horrible "Status:" header in our HTTP response is
finally gone, saving at least 16 precious bytes in every single HTTP
response.
Under Ruby 2.1 and later, the monotonic clock is used for timeout
handling for better accuracy.
Several experimental, unused and undocumented features are removed.
There's also tiny, minor performance and memory improvements from
dropping 1.8 compatibility, but probably nothing noticeable on a
typical real-life (bloated) app.
The biggest performance improvement we made was to our website by
switching to olddoc. Depending on connection speed, latency, and
renderer performance, it typically loads two to four times faster.
Finally, for the billionth time: unicorn must never be exposed
to slow clients, as it will never ever use new-fangled things
like non-blocking socket I/O, threads, epoll or kqueue. unicorn
must be used with a fully-buffering reverse proxy such as nginx
for slow clients.
* ISSUES: update with mailing list subscription
* GIT-VERSION-GEN: start 5.0.0 development
* http: remove xftrust options
* FAQ: add entry for Rails autoflush_log
* dev: remove isolate dependency
* unicorn.gemspec: depend on test-unit 3.0
* http_response: remove Status: header
* remove RubyForge and Freecode references
* remove mongrel.rubyforge.org references
* http: remove the keepalive requests limit
* http: reduce parser from 72 to 56 bytes on 64-bit
* examples: add run_once to before_fork hook example
* worker: remove old tmp accessor
* http_server: save 450+ bytes of memory on x86-64
* t/t0002-parser-error.sh: relax test for rack 1.6.0
* remove SSL support
* tmpio: drop the "size" method
* switch docs + website to olddoc
* README: clarify/reduce references to unicorn_rails
* gemspec: fixup olddoc migration
* use the monotonic clock under Ruby 2.1+
* http: -Wshorten-64-to-32 warnings on clang
* remove old inetd+git examples and exec_cgi
* http: standalone require + reduction in binary size
* GNUmakefile: fix clean gem build + reduce build cruft
* socket_helper: reduce constant lookups and caching
* remove 1.8, <= 1.9.1 fallback for missing IO#autoclose=
* favor IO#close_on_exec= over fcntl in 1.9+
* use require_relative to reduce syscalls at startup
* doc: update support status for Ruby versions
* fix uninstalled testing and reduce require paths
* test_socket_helper: do not depend on SO_REUSEPORT
* favor "a.b(&:c)" form over "a.b { |x| x.c }"
* ISSUES: add section for bugs in other projects
* http_server: favor ivars over constants
* explain 11 byte magic number for self-pipe
* const: drop constants used by Rainbows!
* reduce and localize constant string use
* Links: mark Rainbows! as historical, reference yahns
* save about 200 bytes of memory on x86-64
* http: remove deprecated reset method
* http: remove experimental dechunk! method
* socket_helper: update comments
* doc: document UNICORN_FD in manpage
* doc: document Etc.nprocessors for worker_processes
* favor more string literals for cold call sites
* tee_input: support for Rack::TempfileReaper middleware
* support TempfileReaper in deployment and development envs
* favor kgio_wait_readable for single FD over select
* Merge tag 'v4.9.0'
* http_request: support rack.hijack by default
* avoid extra allocation for hijack proc creation
* FAQ: add note about ECONNRESET errors from bodies
* process SIGWINCH unless stdin is a TTY
* ISSUES: discourage HTML mail strongly, welcome nyms
* http: use rb_hash_clear in Ruby 2.0+
* http_response: avoid special-casing for Rack < 1.5
* www: install NEWS.atom.xml properly
* http_server: remove a few more accessors and constants
* http_response: simplify regular expression
* move the socket into Rack env for hijacking
* http: move response_start_sent into the C ext
* FAQ: reorder bit on Rack 1.1.x and Rails 2.3.x
* ensure body is closed during hijack
|
|
Incompatible changes ahead!
|
|
This release updates documentation to reflect the migration of the
mailing list to a new public-inbox[1] instance. This is necessary
due to the impending RubyForge shutdown on May 15, 2014.
The public-inbox address is: unicorn-public@bogomips.org
(no subscription required, plain text only)
ssoma[2] git archives: git://bogomips.org/unicorn-public
browser-friendly archives: http://bogomips.org/unicorn-public/
Using, getting help for, and contributing to unicorn will never
require any of the following:
1) non-Free software (including SaaS)
2) registration or sign-in of any kind
3) a real identity (we accept mail from Mixmaster)
4) a graphical user interface
Nowadays, plain-text email is the only ubiquitous platform which
meets all our requirements for communication.
There is also one small bugfix to handle premature grandparent death
upon initial startup. Most users are unaffected.
[1] policy: http://public-inbox.org/ - git://80x24.org/public-inbox
an "archives first" approach to mailing lists
[2] mechanism: http://ssoma.public-inbox.org/ - git://80x24.org/ssoma
some sort of mail archiver (using git)
|
|
We close SELF_PIPE in the worker immediately, but signal handlers
do not get setup immediately. So prevent workers from erroring out
due to invalid SELF_PIPE.
|
|
fix races/error handling in worker SIGQUIT handler
This protects us from two problems:
1) we (or our app) somehow called IO#close on one of the sockets
we listen on without removing it from the readers array.
We'll ignore IOErrors from IO#close and assume we wanted to
close it.
2) our SIGQUIT handler is interrupted by itself. This can happen as
a fake signal from the master could be handled and a real signal
from an outside user is sent to us (e.g. from unicorn-worker-killer)
or if a user uses the killall(1) command.
|
|
This release contains fairly major internal workings of master-to-worker
notifications. The master process no longer sends signals to workers
for most tasks. This works around some compatibility issues with some
versions of the "pg" gem (and potentially any other code which may not
handle EINTR properly). One extra benefit is it also helps stray
workers notice a rare, unexpected master death more easily. Workers
continue to (and will always) accept existing signals for compatibility
with tools/scripts which may signal workers.
PID file are always written early (even on upgrade) again to avoid
breaking strange monitoring setups which use PID files. Keep in mind we
have always discouraged monitoring based on PID files as they are
fragile.
We now avoid bubbling IOError to the Rack app on premature client
disconnects when streaming the input body. This is usually not a
problem with nginx, but may be on some LAN setups without nginx).
Thanks to Sam Saffron, Jimmy Soho, Rodrigo Rosenfeld Rosas,
Michael Fischer, and Andrew Hobson for their help with this release.
Note: the unicorn mailing list will be moved/changed soon due to the
RubyForge shutdown. unicorn will always rely only on Free Software.
There will never be any sign-up requirements nor terms-of-service to
agree to when communicating with us.
|
|
Eric Wong (6):
tests: fix SO_REUSEPORT tests for old Linux and non-Linux
stream_input: avoid IO#close on client disconnect
t0300: kill off stray processes in test
always write PID file early for compatibility
doc: clarify SIGNALS and reference init example
rework master-to-worker signaling to use a pipe
|
|
* support SO_REUSEPORT on new listeners (:reuseport)
This allows users to start an independent instance of unicorn on
a the same port as a running unicorn (as long as both instances
use :reuseport).
ref: https://lwn.net/Articles/542629/
* unicorn is now GPLv2-or-later and Ruby 1.8-licensed
(instead of GPLv2-only, GPLv3-only, and Ruby 1.8-licensed)
This changes nothing at the moment. Once the FSF publishes the next
version of the GPL, users may choose the newer GPL version without the
unicorn BDFL approving it. Two years ago when I got permission to add
GPLv3 to the license options, I also got permission from all past
contributors to approve future versions of the GPL. So now I'm
approving all future versions of the GPL for use with unicorn.
Reasoning below:
In case the GPLv4 arrives and I am not alive to approve/review it,
the lesser of evils is have give blanket approval of all future GPL
versions (as published by the FSF). The worse evil is to be stuck
with a license which cannot guarantee the Free-ness of this project
in the future.
This unfortunately means the FSF can theoretically come out with
license terms I do not agree with, but the GPLv2 and GPLv3 will
always be an option to all users.
Note: we currently prefer GPLv3
Two improvements thanks to Ernest W. Durbin III:
* USR2 redirects fixed for Ruby 1.8.6 (broken since 4.1.0)
* unicorn(1) and unicorn_rails(1) enforces valid integer for -p/--port
A few more odd, minor tweaks and fixes:
* attempt to rename PID file when possible (on USR2)
* workaround reopen atomicity issues for stdio vs non-stdio
* improve handling of client-triggerable socket errors
|
|
Thanks to Micah Chalmer for this fix. There are also minor
documentation updates and internal cleanups.
|
|
This release fixes a bug in Unicorn::HttpParser#filter_body
which affected some configurations of Rainbows! There is
also a minor size reduction in the DSO.
|
|
Unicorn::Const::UNICORN_VERSION is now auto-generated from
GIT-VERSION-GEN and always correct. Minor cleanups for
hijacking.
|
|
This DRYs out our code and prevents snafus like the 4.6.0
release where UNICORN_VERSION stayed at 4.5.0
Reported-by: Maurizio De Santis <m.desantis@morganspa.com>
|
|
This pre-release adds hijacking support for Rack 1.5 users.
See Rack documentation for more information about hijacking.
There is also a new --no-default-middleware/-N option
for the `unicorn' command to ignore RACK_ENV within unicorn
thanks to Lin Jen-Shin.
There are only documentation and test-portability updates
since 4.6.0pre1, no code changes.
|
|
This pre-release adds hijacking support for Rack 1.5 users.
See Rack documentation for more information about hijacking.
There is also a new --no-default-middleware/-N option
for the `unicorn' command to ignore RACK_ENV within unicorn.
|
|
The new check_client_connection option allows unicorn to detect
most disconnected local clients before potentially expensive
application processing begins.
This feature is useful for applications experiencing spikes of
traffic leading to undesirable queue times, as clients will
disconnect (and perhaps even retry, compounding the problem)
before unicorn can even start processing the request.
To enable this feature, add the following line to a unicorn
config file:
check_client_connection true
This feature only works when nginx (or any other HTTP/1.0+
client) is on the same machine as unicorn.
A huge thanks to Tom Burns for implementing and testing this
change in production with real traffic (including mitigating
an unexpected DoS attack).
ref: http://mid.gmane.org/CAK4qKG3rkfVYLyeqEqQyuNEh_nZ8yw0X_cwTxJfJ+TOU+y8F+w@mail.gmail.com
This release fixes broken Rainbows! compatibility in 4.5.0pre1.
|
|
The new check_client_connection option allows unicorn to detect
most disconnected clients before potentially expensive
application processing begins.
This feature is useful for applications experiencing spikes of
traffic leading to undesirable queue times, as clients will
disconnect (and perhaps even retry, compounding the problem)
before unicorn can even start processing the request.
To enable this feature, add the following line to a unicorn
config file:
check_client_connection true
A huge thanks to Tom Burns for implementing and testing this
change in production with real traffic (including mitigating
an unexpected DoS attack).
|
|
Non-regular files are no longer reopened on SIGUSR1. This
allows users to specify FIFOs as log destinations.
TCP_NOPUSH/TCP_CORK is no longer set/unset by default. Use
:tcp_nopush explicitly with the "listen" directive if you wish
to enable TCP_NOPUSH/TCP_CORK.
Listen sockets are now bound _after_ loading the application for
preload_app(true) users. This prevents load balancers from
sending traffic to an application server while the application
is still loading.
There are also minor test suite cleanups.
|
|
* Call shutdown(2) if a client EOFs on us during upload.
We can avoid holding a socket open if the Rack app forked a
process during uploads.
* ignore potential Errno::ENOTCONN errors (from shutdown(2)).
Even on LANs, connections can occasionally be accept()-ed but
be unusable afterwards.
Thanks to Joel Nimety <jnimety@continuity.net>,
Matt Smith <matt@nearapogee.com> and George <lists@southernohio.net>
on the mongrel-unicorn@rubyforge.org mailing list for their
feedback and testing for this release.
|
|
* PATH_INFO (aka REQUEST_PATH) increased to 4096 (from 1024).
This allows requests with longer path components and matches
the system PATH_MAX value common to GNU/Linux systems for
serving filesystem components with long names.
* Apps that fork() (but do not exec()) internally for background
tasks now indicate the end-of-request immediately after
writing the Rack response.
Thanks to Hongli Lai, Lawrence Pit, Patrick Wenger and Nuo Yan
for their valuable feedback for this release.
|
|
* Stale pid files are detected if a pid is recycled by processes
belonging to another user, thanks to Graham Bleach.
* nginx example config updates thanks to to Eike Herzbach.
* KNOWN_ISSUES now documents issues with apps/libs that install
conflicting signal handlers.
|
|
The GPLv3 is now an option to the Unicorn license. The existing GPLv2
and Ruby-only terms will always remain options, but the GPLv3 is
preferred.
Daemonization is correctly detected on all terminals for development
use (Brian P O'Rourke).
Unicorn::OobGC respects applications that disable GC entirely
during application dispatch (Yuichi Tateno).
Many test fixes for OpenBSD, which may help other *BSDs, too.
(Jeremy Evans).
There is now _optional_ SSL support (via the "kgio-monkey"
RubyGem). On fast, secure LANs, SSL is only intended for
detecting data corruption that weak TCP checksums cannot detect.
Our SSL support is remains unaudited by security experts.
There are also some minor bugfixes and documentation
improvements.
Ruby 2.0.0dev also has a copy-on-write friendly GC which can save memory
when combined with "preload_app true", so if you're in the mood, start
testing Unicorn with the latest Ruby!
|
|
The last-resort timeout mechanism was inaccurate and often
delayed in activation since the 2.0.0 release. It is now fixed
and remains power-efficient in idle situations, especially with
the wakeup reduction in MRI 1.9.3+.
There is also a new document on application timeouts
intended to discourage the reliance on this last-resort
mechanism. It is visible on the web at:
http://unicorn.bogomips.org/Application_Timeouts.html
|
|
* Rack::Chunked and Rack::ContentLength middlewares are loaded
by default for RACK_ENV=(development|deployment) users to match
Rack::Server behavior. As before, use RACK_ENV=none if you want
fine-grained control of your middleware. This should also
help users of Rainbows! and Zbatery.
* CTL characters are now rejected from HTTP header values
* Exception messages are now filtered for [:cntrl:] characters
since application/middleware authors may forget to do so
* Workers will now terminate properly if a SIGQUIT/SIGTERM/SIGINT
is received while during worker process initialization.
* close-on-exec is explicitly disabled to future-proof against
Ruby 2.0 changes [ruby-core:38140]
|
|
This release fixes things for users of per-worker "listen"
directives in the after_fork hook. Thanks to ghazel@gmail.com
for reporting the bug.
The "timeout" configurator directive is now truncated to
0x7ffffffe seconds to prevent overflow when calling
IO.select.
|
|
A single Unicorn instance may manage more than 1024 workers
without needing privileges to modify resource limits. As a
result of this, the "raindrops"[1] gem/library is now a required
dependency.
TCP socket defaults now favor low latency to mimic UNIX domain
socket behavior (tcp_nodelay: true, tcp_nopush: false). This
hurts throughput, users who want to favor throughput should
specify "tcp_nodelay: false, tcp_nopush: true" in the listen
directive.
Error logging is more consistent and all lines should be
formatted correctly in backtraces. This may break the
behavior of some log parsers.
The call stack is smaller and thus easier to examine backtraces
when debugging Rack applications.
There are some internal API changes and cleanups, but none that
affect applications designed for Rack. See "git log v3.7.0.."
for details.
For users who cannot install kgio[2] or raindrops, Unicorn 1.1.x
remains supported indefinitely. Unicorn 3.x will remain
supported if there is demand. We expect raindrops to introduce
fewer portability problems than kgio did, however.
[1] http://raindrops.bogomips.org/
[2] http://bogomips.org/kgio/
|
|
* miscellaneous documentation improvements
* return 414 (instead of 400) for Request-URI Too Long
* strip leading and trailing linear whitespace in header values
User-visible improvements meant for Rainbows! users:
* add :ipv6only "listen" option (same as nginx)
|
|
The optional Unicorn::OobGC module is reimplemented to fix
breakage that appeared in v3.3.1. There are also minor
documentation updates, but no code changes as of 3.6.1 for
non-OobGC users.
There is also a v1.1.7 release to fix the same OobGC breakage
that appeared for 1.1.x users in the v1.1.6 release.
|
|
Our attempt in 3.6.0 to workaround a problem with the OpenSSL
PRNG actually made the problem worse. This release corrects the
workaround to properly reseed the OpenSSL PRNG after forking.
|
|
Mainly small fixes, improvements, and workarounds for fork() issues
with pseudo-random number generators shipped with Ruby (Kernel#rand,
OpenSSL::Random (used by SecureRandom and also by Rails).
The PRNG issues are documented in depth here (and links to Ruby Redmine):
http://bogomips.org/unicorn.git/commit?id=1107ede7
http://bogomips.org/unicorn.git/commit?id=b3241621
If you're too lazy to upgrade, you can just do this in your after_fork
hooks:
after_fork do |server,worker|
tmp = srand
OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
end
There are also small log reopening (SIGUSR1) improvements:
* relative paths may also be reopened, there's a small chance this
will break with a handful of setups, but unlikely. This should
make configuration easier especially since the "working_directory"
configurator directive exists. Brought up by Matthew Kocher:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/900
* workers will just die (and restart) if log reopening fails for
any reason (including user error). This is to workaround the issue
reported by Emmanuel Gomez:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/906
|
|
A small set of small changes but it's been more than a month
since our last release. There are minor memory usage and
efficiently improvements (for graceful shutdowns). MRI 1.8.7
users on *BSD should be sure they're using the latest patchlevel
(or upgrade to 1.9.x) because we no longer workaround their
broken stdio (that's MRI's job :)
|
|
* IPv6 support in the HTTP hostname parser and configuration
language. Configurator syntax for "listen" addresses should
be the same as nginx. Even though we support IPv6, we will
never support non-LAN/localhost clients connecting to Unicorn.
* TCP_NOPUSH/TCP_CORK is enabled by default to optimize
for bandwidth usage and avoid unnecessary wakeups in nginx.
* Updated KNOWN_ISSUES document for bugs in recent Ruby 1.8.7
(RNG needs reset after fork) and nginx+sendfile()+FreeBSD 8.
* examples/nginx.conf updated for modern stable versions of nginx.
* "Status" in headers no longer ignored in the response,
Rack::Lint already enforces this so we don't duplicate
the work.
* All tests pass under Ruby 1.9.3dev
* various bugfixes in the (mostly unused) ExecCGI class that
powers http://bogomips.org/unicorn.git
|
|
We now close the client socket after closing the response body.
This does not affect most applications that run under Unicorn,
in fact, it may not affect any.
There is also a new v1.1.6 release for users who do not use
kgio.
|
|
Certain applications that already serve hundreds/thousands of requests a
second should experience performance improvements due to
Time.now.httpdate usage being removed and reimplemented in C.
There are also minor internal changes and cleanups for Rainbows!
|
|
There are numerous improvements in the HTTP parser for
Rainbows!, none of which affect Unicorn-only users.
The kgio dependency is incremented to 2.1: this should avoid
ENOSYS errors for folks building binaries on newer Linux
kernels and then deploying to older ones.
There are also minor documentation improvements, the website
is now JavaScript-free!
(Ignore the 3.2.0 release, I fat-fingered some packaging things)
|
|
There are numerous improvements in the HTTP parser for
Rainbows!, none of which affect Unicorn-only users.
The kgio dependency is incremented to 2.1: this should avoid
ENOSYS errors for folks building binaries on newer Linux
kernels and then deploying to older ones.
There are also minor documentation improvements, the website
is now JavaScript-free!
|
|
This release enables tuning the client_buffer_body_size to raise
or lower the threshold for buffering request bodies to disk.
This only applies to users who have not disabled rewindable
input. There is also a TeeInput bugfix for uncommon usage
patterns and Configurator examples in the FAQ should be fixed
|
|
...and only Rainbows! This release fixes HTTP pipelining for
requests with bodies for users of synchronous Rainbows!
concurrency models.
Since Unicorn itself does not support keepalive nor pipelining,
Unicorn-only users need not upgrade.
|
|
Rewindable "rack.input" may be disabled via the
"rewindable_input false" directive in the configuration file.
This will violate Rack::Lint for Rack 1.x applications, but can
reduce I/O for applications that do not need a rewindable
input.
This release updates us to the Kgio 2.x series which should play
more nicely with other libraries and applications. There are
also internal cleanups and improvements for future versions of
Rainbows!
The Unicorn 3.x series supercedes the 2.x series
while the 1.x series will remain supported indefinitely.
|