[lxc-devel] [lxd/master] Close http transports since they might keep connections around
freeekanayaka on Github
lxc-bot at linuxcontainers.org
Wed Jan 22 10:19:01 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 361 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200122/bc436082/attachment.bin>
-------------- next part --------------
From 634c1c96f6b80bffe6e9eed5617a143690fbca66 Mon Sep 17 00:00:00 2001
From: Free Ekanayaka <free.ekanayaka at canonical.com>
Date: Wed, 22 Jan 2020 10:07:39 +0000
Subject: [PATCH] Close http transports since they might keep connections
around
Signed-off-by: Free Ekanayaka <free.ekanayaka at canonical.com>
---
lxd/cluster/gateway.go | 9 +++++++--
lxd/cluster/heartbeat.go | 4 +++-
lxd/cluster/tls.go | 12 ++++++++++++
3 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/lxd/cluster/gateway.go b/lxd/cluster/gateway.go
index 5641b632fa..646e8f017a 100644
--- a/lxd/cluster/gateway.go
+++ b/lxd/cluster/gateway.go
@@ -564,6 +564,9 @@ func (g *Gateway) LeaderAddress() (string, error) {
return "", fmt.Errorf("No raft node known")
}
+ transport, cleanup := tlsTransport(config)
+ defer cleanup()
+
for _, address := range addresses {
url := fmt.Sprintf("https://%s%s", address, databaseEndpoint)
request, err := http.NewRequest("GET", url, nil)
@@ -572,7 +575,7 @@ func (g *Gateway) LeaderAddress() (string, error) {
}
setDqliteVersionHeader(request)
request = request.WithContext(ctx)
- client := &http.Client{Transport: &http.Transport{TLSClientConfig: config}}
+ client := &http.Client{Transport: transport}
response, err := client.Do(request)
if err != nil {
logger.Debugf("Failed to fetch leader address from %s", address)
@@ -820,7 +823,9 @@ func dqliteNetworkDial(ctx context.Context, addr string, g *Gateway, checkLeader
}
setDqliteVersionHeader(request)
request = request.WithContext(ctx)
- client := &http.Client{Transport: &http.Transport{TLSClientConfig: config}}
+ transport, cleanup := tlsTransport(config)
+ defer cleanup()
+ client := &http.Client{Transport: transport}
response, err := client.Do(request)
if err != nil {
return nil, err
diff --git a/lxd/cluster/heartbeat.go b/lxd/cluster/heartbeat.go
index 27aeb80767..a93092d810 100644
--- a/lxd/cluster/heartbeat.go
+++ b/lxd/cluster/heartbeat.go
@@ -356,8 +356,10 @@ func HeartbeatNode(taskCtx context.Context, address string, cert *shared.CertInf
timeout := 2 * time.Second
url := fmt.Sprintf("https://%s%s", address, databaseEndpoint)
+ transport, cleanup := tlsTransport(config)
+ defer cleanup()
client := &http.Client{
- Transport: &http.Transport{TLSClientConfig: config},
+ Transport: transport,
Timeout: timeout,
}
diff --git a/lxd/cluster/tls.go b/lxd/cluster/tls.go
index 6d09ff60ea..04ea9fa4b4 100644
--- a/lxd/cluster/tls.go
+++ b/lxd/cluster/tls.go
@@ -52,3 +52,15 @@ func tlsCheckCert(r *http.Request, info *shared.CertInfo) bool {
return r.TLS != nil && trusted
}
+
+// Return an http.Transport configured using the given configuration and a
+// cleanup function to use to close all connections the transport has been
+// used.
+func tlsTransport(config *tls.Config) (*http.Transport, func()) {
+ transport := &http.Transport{
+ TLSClientConfig: config,
+ DisableKeepAlives: true,
+ MaxIdleConns: 0,
+ }
+ return transport, transport.CloseIdleConnections
+}
More information about the lxc-devel
mailing list