X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/95de13bdab14eb803a4c9e2243df50e1eb0df69a..2ea729f97166cb5fda4a6ca0818f0a0ab15388ab:/lib/controller/handler.go diff --git a/lib/controller/handler.go b/lib/controller/handler.go index 78ad89e706..53125ae554 100644 --- a/lib/controller/handler.go +++ b/lib/controller/handler.go @@ -5,6 +5,9 @@ package controller import ( + "context" + "database/sql" + "errors" "net" "net/http" "net/url" @@ -15,6 +18,7 @@ import ( "git.curoverse.com/arvados.git/sdk/go/arvados" "git.curoverse.com/arvados.git/sdk/go/health" "git.curoverse.com/arvados.git/sdk/go/httpserver" + _ "github.com/lib/pq" ) type Handler struct { @@ -26,10 +30,32 @@ type Handler struct { proxy *proxy secureClient *http.Client insecureClient *http.Client + pgdb *sql.DB + pgdbMtx sync.Mutex } func (h *Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) { h.setupOnce.Do(h.setup) + if req.Method != "GET" && req.Method != "HEAD" { + // http.ServeMux returns 301 with a cleaned path if + // the incoming request has a double slash. Some + // clients (including the Go standard library) change + // the request method to GET when following a 301 + // redirect if the original method was not HEAD + // (RFC7231 6.4.2 specifically allows this in the case + // of POST). Thus "POST //foo" gets misdirected to + // "GET /foo". To avoid this, eliminate double slashes + // before passing the request to ServeMux. + for strings.Contains(req.URL.Path, "//") { + req.URL.Path = strings.Replace(req.URL.Path, "//", "/", -1) + } + } + if h.Cluster.HTTPRequestTimeout > 0 { + ctx, cancel := context.WithDeadline(req.Context(), time.Now().Add(time.Duration(h.Cluster.HTTPRequestTimeout))) + req = req.WithContext(ctx) + defer cancel() + } + h.handlerStack.ServeHTTP(w, req) } @@ -39,6 +65,8 @@ func (h *Handler) CheckHealth() error { return err } +func neverRedirect(*http.Request, []*http.Request) error { return http.ErrUseLastResponse } + func (h *Handler) setup() { mux := http.NewServeMux() mux.Handle("/_health/", &health.Handler{ @@ -47,24 +75,48 @@ func (h *Handler) setup() { }) hs := http.NotFoundHandler() hs = prepend(hs, h.proxyRailsAPI) - hs = prepend(hs, h.proxyRemoteCluster) + hs = h.setupProxyRemoteCluster(hs) mux.Handle("/", hs) h.handlerStack = mux sc := *arvados.DefaultSecureClient - sc.Timeout = time.Duration(h.Cluster.HTTPRequestTimeout) + sc.CheckRedirect = neverRedirect h.secureClient = &sc ic := *arvados.InsecureHTTPClient - ic.Timeout = time.Duration(h.Cluster.HTTPRequestTimeout) + ic.CheckRedirect = neverRedirect h.insecureClient = &ic h.proxy = &proxy{ - Name: "arvados-controller", - RequestTimeout: time.Duration(h.Cluster.HTTPRequestTimeout), + Name: "arvados-controller", } } +var errDBConnection = errors.New("database connection error") + +func (h *Handler) db(req *http.Request) (*sql.DB, error) { + h.pgdbMtx.Lock() + defer h.pgdbMtx.Unlock() + if h.pgdb != nil { + return h.pgdb, nil + } + + db, err := sql.Open("postgres", h.Cluster.PostgreSQL.Connection.String()) + if err != nil { + httpserver.Logger(req).WithError(err).Error("postgresql connect failed") + return nil, errDBConnection + } + if p := h.Cluster.PostgreSQL.ConnectionPool; p > 0 { + db.SetMaxOpenConns(p) + } + if err := db.Ping(); err != nil { + httpserver.Logger(req).WithError(err).Error("postgresql connect succeeded but ping failed") + return nil, errDBConnection + } + h.pgdb = db + return db, nil +} + type middlewareFunc func(http.ResponseWriter, *http.Request, http.Handler) func prepend(next http.Handler, middleware middlewareFunc) http.Handler { @@ -73,11 +125,10 @@ func prepend(next http.Handler, middleware middlewareFunc) http.Handler { }) } -func (h *Handler) proxyRailsAPI(w http.ResponseWriter, req *http.Request, next http.Handler) { +func (h *Handler) localClusterRequest(req *http.Request) (*http.Response, error) { urlOut, insecure, err := findRailsAPI(h.Cluster, h.NodeProfile) if err != nil { - httpserver.Error(w, err.Error(), http.StatusInternalServerError) - return + return nil, err } urlOut = &url.URL{ Scheme: urlOut.Scheme, @@ -90,7 +141,15 @@ func (h *Handler) proxyRailsAPI(w http.ResponseWriter, req *http.Request, next h if insecure { client = h.insecureClient } - h.proxy.Do(w, req, urlOut, client) + return h.proxy.Do(req, urlOut, client) +} + +func (h *Handler) proxyRailsAPI(w http.ResponseWriter, req *http.Request, next http.Handler) { + resp, err := h.localClusterRequest(req) + n, err := h.proxy.ForwardResponse(w, resp, err) + if err != nil { + httpserver.Logger(req).WithError(err).WithField("bytesCopied", n).Error("error copying response body") + } } // For now, findRailsAPI always uses the rails API running on this