Age | Commit message (Collapse) | Author |
|
The Erlang SSL library allows keys, certs and cacerts to be passed either as DER encoded binaries or in PEM encoded files. This patch allows ranch_ssl to be configured in either manner.
|
|
|
|
This should be an acceptable temporary solution to the ssl_accept
problem. We no longer have to worry about acceptors being dead
because ssl_accept never returned.
|
|
This should avoid using all CPU because we keep trying to accept.
|
|
|
|
A ranch_conns_sup could be (re)started and call
ranch_server:set_connections_sup/2 before ranch_server has handled the
predecessor's exit. This would cause the ranch_server to crash because
ets:insert_new/2 would return false.
This change allows ranch_server to handle this case by crashing the
calling process instead of itself.
|
|
|
|
When ranch_server crashes it will now remonitor previously registered
ranch_conns_sup processes so they can be removed from the registry when
they die.
|
|
|
|
We just don't need this process anymore. Less, simpler code!
API changes:
* Protocols start_link first argument is now Ref instead of ListenerPid
* ranch:accept_ack/1 argument is now Ref instead of ListenerPid
* ranch_listener:remove_connection/1 becomes ranch:remove_connection/1
and its argument is now Ref instead of ListenerPid
Ref is the name of the listener given as first argument to start_listener/6.
|
|
This change was designed so that we don't have this supervisor
and ranch_listener performing the same job, namely monitoring
connection processes, the first through links and the second
through monitors.
This change also makes possible various optimizations:
* Acceptors don't need to know about options, maximum number
of connections, or anything else. They can just accept,
pass the socket to the supervisor, and when the supervisor
replies continue accepting connections.
* The supervisor holds most of the information that will be
passed to created processes. This reduces copying.
* The supervisor temporarily takes ownership of the socket,
then creates the connection process and gives it ownership,
streamlining the creation.
* The supervisor can hold acceptors in their receive loop if
max_connections is reached. When this number gets below the
limit it can then send a message to a sleeping acceptor to
make it resume its operations.
* Because we know that all connection process creations are made
from the local Erlang node, we can greatly reduce the number
operations to be made when calling the supervisor.
* Because all acceptors die if this supervisor dies, we can
remove even more operations from the calling code. We do not
need to monitor or wait for a timeout. This reduces the call
code to two statements: send and receive. (Thanks James Fish
for helping with that.)
* The supervisor only needs to keep track of a list of pids.
There is no children specification to be maintained, we do
not need to handle restart strategy (no process can be
restarted because the socket dies with it). We are using
the process dictionary for storing the pids as it proved
to be the simplest and fastest solution.
* The supervisor maintains a count of current connections,
but also of processes (including the ones that removed
themselves from the pool), making any query of these values
very fast.
The supervisor should still be compatible with OTP principles.
It responds to calls from the supervisor module as expected,
although some of them are disabled and an error will be returned,
for example supervisor:start_child/2. It is also started with
proc_lib and handles system messages. sys:get_status/1 can thus
be used as expected.
We can see a great increase in the number of requests/s, a great
improvement in the latency of requests, and we can simply accept
requests faster than before. It will probably have a bigger increase
under virtualized environments, although that's only a guess.
As a result of this, we don't write much anymore in the ranch_server
ets table, so the write_concurrency option was removed. Tests were
also slightly improved to prevent race conditions.
|
|
|
|
|
|
For TLS Next Protocol Negotiation support.
|
|
|
|
|
|
|
|
There is no need to contact the server and track requests unless being
asked to do so by the user. It's going to be faster and more efficient
to not track anything when being told tracking doesn't matter.
Whenever the max connections is set to infinity, the connections
counting key is not created, or is deleted if it existed already.
When using a numeric value, the connection count is created or
maintained if it existed already.
Moreover, trying to reduce a listener's counter while the max connection
number is set to `infinity` will return 0 and avoid all counting
operations as they are meaningless.
|
|
This patch lets the user set and use raw socket options as described in
inet:setopts/2 documentation.
The raw options can be useful to use TCP features that are platform-
specific and not supported in inet in general, such as TCP_DEFER_ACCEPT
or TCP_LINGER2 in linux stacks, for example.
|
|
|
|
It is non_neg_integer() | infinity. Introduce the type
`ranch:max_conns/0` for easier manipulation.
|
|
|
|
Tests were constantly failing without this patch. It seems ct
starts erlang code server in interactive mode, so application
module loading is defered.
|
|
|
|
Two general issues were addressed. The first one is the issue with
statically defined pids passed into childspecs. This issue prevents
regular supervisor' children restarts in the case of someone's
failure.
The second one is the not quite appropriate restart strategy.
Changed to rest_for_one which in pair with previous fixes assures
that live connections will not die in the case of partial failure.
Among possible failures are listening socket shutdown or frequent
accept errors.
|
|
|
|
|
|
Uses file:sendfile/2 for TCP, a fallback function for SSL.
|
|
|
|
|
|
|
|
|
|
Enabled by default.
A comprehensive explanation about TCP_NODELAY and the Nagle algorithm
can be found at http://www.stuartcheshire.org/papers/NagleDelayedAck/
|
|
|
|
|
|
At the same time we make the 'port' option optional, defaulting to 0.
|
|
Should prove itself more robust when things go wrong.
|
|
Distinguish the errors from transport_accept and ssl_accept
in ranch_ssl. {error, closed} for the first one means the listening
socket got closed; for the second one it means the connection
socket was.
Ignore all errors except when the listening socket got closed,
where we want to crash to allow opening the socket again.
|
|
Ranch now accepts connection asynchronously through a separate
process. The accept process is linked to the acceptor, calls
accept and does nothing else but send the socket back to the
acceptor. This allows us to receive messages in the acceptor
to handle upgrades instead of polling. This will also allow us
later to make acceptors system processes.
Remove support for connection pools in favor of a simpler
max_connections setting. Connections can be removed from the
count, allowing us to have as many long-lived connections as
we want while still limiting the number of short-lived ones.
Add max_connections, max_connections with long-lived connections,
and upgrade tests.
|
|
This way, if a crash happens in one of them after a protocol options
upgrade has occured, the restarted acceptor will get the upgraded
options as expected, and not the initial ones.
|
|
|
|
|
|
ranch:get_port/1 returns the given listener's port.
|
|
Also use one export per line to improve future diffs.
Bump the version to 0.2.1 to reflect this change.
|
|
|
|
Modules were renamed. The 'cowboy_' prefix became 'ranch_'.
At the same time, ranch_ssl_transport became ranch_ssl,
and ranch_tcp_transport became ranch_tcp, because appending
'_transport' felt a bit redundant considering SSL and TCP
clearly are transports.
One test has been added to make sure everything is working.
|