Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxy: set tcp write timeout to max timeout timeout value or default #163

Merged
merged 2 commits into from
Mar 21, 2019
Merged

proxy: set tcp write timeout to max timeout timeout value or default #163

merged 2 commits into from
Mar 21, 2019

Conversation

jphines
Copy link
Contributor

@jphines jphines commented Mar 1, 2019
edited
Loading

Problem

In #151, a problem was explored where SSO Proxy writes out 200 OK on long requests but nothing is written out to the client. We were able to trace this issue down to a default configuration we specify for the http.Server that would timeout tcp connections after the timeout window specified but before the upstream response was received.

However, because of a bug in the golang stdlib golang/go#21389, when these writes occurred we were unable to easily diagnose the connection had closed and that the write was unsuccessful - no error is returned nor is there any useful log output.

Unfortunately, there is no way to cleanly handle this error case to make debugging more useful without re-writing portions of the http.Server.

Solution

For now, we can make this edge case a little less sharp by handling these timeouts more intuitively. We set the WriteTimeout for the http.Server to now be the max of the either the default value configured or the max upstream timeout config.

Notes

Many thanks to @victornoel for raising both the issue and the mitigation implemented here.

@jphines jphines added the bug Something isn't working label Mar 1, 2019
@jphines jphines self-assigned this Mar 1, 2019
@jphines jphines force-pushed the tcp-write-timeout-set-to-max-upstream-timeout branch from 57fb212 to b390f3c Compare March 1, 2019 20:59
@desimone desimone mentioned this pull request Mar 2, 2019
Open
desimone
desimone reviewed Mar 2, 2019
View reviewed changes
internal/proxy/options.go
if o.upstreamConfigs != nil {
for _, uc := range o.upstreamConfigs {
if uc.Timeout > o.TCPWriteTimeout {
o.TCPWriteTimeout = uc.Timeout
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if TCPWriteTimeout is set to 0 to support streaming?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think users will have to implement this at their own peril for the moment. I think we'd have to implement an actually underlying idle tcp connection -- but might be a more involved change.

For the moment, this fix delivers tangible value to users.

@jphines jphines merged commit 1b41389 into master Mar 21, 2019
@jphines jphines deleted the tcp-write-timeout-set-to-max-upstream-timeout branch March 21, 2019 16:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@desimone desimone desimone left review comments

@shrayolacrayon shrayolacrayon shrayolacrayon approved these changes

Assignees

@jphines jphines

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jphines @desimone @shrayolacrayon