def test_set_tcp_keepalive(self): mock_sock = mock.Mock() netutils.set_tcp_keepalive(mock_sock, True, 100, 10, 5) calls = [ mock.call.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, True), ] if hasattr(socket, 'TCP_KEEPIDLE'): calls += [ mock.call.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 100) ] if hasattr(socket, 'TCP_KEEPINTVL'): calls += [ mock.call.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, 10), ] if hasattr(socket, 'TCP_KEEPCNT'): calls += [ mock.call.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, 5) ] mock_sock.assert_has_calls(calls) mock_sock.reset_mock() netutils.set_tcp_keepalive(mock_sock, False) self.assertEqual(1, len(mock_sock.mock_calls))
def start(self): """Start serving a WSGI application. :returns: None :raises: cinder.exception.InvalidInput """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. dup_socket = self._socket.dup() dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # NOTE(praneshp): Call set_tcp_keepalive in oslo to set # tcp keepalive parameters. Sockets can hang around forever # without keepalive netutils.set_tcp_keepalive(dup_socket, CONF.tcp_keepalive, CONF.tcp_keepidle, CONF.tcp_keepalive_count, CONF.tcp_keepalive_interval) if self._use_ssl: try: ssl_kwargs = { 'server_side': True, 'certfile': CONF.ssl_cert_file, 'keyfile': CONF.ssl_key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = CONF.ssl_ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED dup_socket = ssl.wrap_socket(dup_socket, **ssl_kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to start %(name)s on %(_host)s:" "%(_port)s with SSL " "support."), self.__dict__) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': dup_socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._wsgi_logger, 'socket_timeout': self.client_socket_timeout, 'keepalive': CONF.wsgi_keep_alive } self._server = eventlet.spawn(**wsgi_kwargs)
def start(self): """Start serving a WSGI application. :returns: None :raises: cinder.exception.InvalidInput """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. dup_socket = self._socket.dup() dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # NOTE(praneshp): Call set_tcp_keepalive in oslo to set # tcp keepalive parameters. Sockets can hang around forever # without keepalive netutils.set_tcp_keepalive(dup_socket, CONF.tcp_keepalive, CONF.tcp_keepidle, CONF.tcp_keepalive_count, CONF.tcp_keepalive_interval) if self._use_ssl: try: ssl_kwargs = { 'server_side': True, 'certfile': CONF.ssl_cert_file, 'keyfile': CONF.ssl_key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = CONF.ssl_ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED dup_socket = ssl.wrap_socket(dup_socket, **ssl_kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to start %(name)s on %(_host)s: " "%(_port)s with SSL " "support."), self.__dict__) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': dup_socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._logger, 'socket_timeout': self.client_socket_timeout, 'keepalive': CONF.wsgi_keep_alive } self._server = eventlet.spawn(**wsgi_kwargs)
def _set_socket_opts(self, _socket): _socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # NOTE(praneshp): Call set_tcp_keepalive in oslo to set # tcp keepalive parameters. Sockets can hang around forever # without keepalive netutils.set_tcp_keepalive(_socket, self.conf.tcp_keepalive, self.conf.tcp_keepidle, self.conf.tcp_keepalive_count, self.conf.tcp_keepalive_interval) return _socket
def start(self): """Start serving a WSGI application. :returns: None :raises: guts.exception.InvalidInput """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. dup_socket = self._socket.dup() dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) netutils.set_tcp_keepalive( dup_socket, CONF.tcp_keepalive, CONF.tcp_keepidle, CONF.tcp_keepalive_count, CONF.tcp_keepalive_interval ) if self._use_ssl: try: ssl_kwargs = { "server_side": True, "certfile": CONF.ssl_cert_file, "keyfile": CONF.ssl_key_file, "cert_reqs": ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs["ca_certs"] = CONF.ssl_ca_file ssl_kwargs["cert_reqs"] = ssl.CERT_REQUIRED dup_socket = ssl.wrap_socket(dup_socket, **ssl_kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to start %(name)s on %(_host)s: " "%(_port)s with SSL " "support."), self.__dict__ ) wsgi_kwargs = { "func": eventlet.wsgi.server, "sock": dup_socket, "site": self.app, "protocol": self._protocol, "custom_pool": self._pool, "log": self._logger, "socket_timeout": self.client_socket_timeout, "keepalive": CONF.wsgi_keep_alive, } self._server = eventlet.spawn(**wsgi_kwargs)
def start(self): """Start serving a WSGI application. :returns: None :raises: manila.exception.InvalidInput """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. config.set_middleware_defaults() dup_socket = self._socket.dup() netutils.set_tcp_keepalive( dup_socket, tcp_keepalive=CONF.tcp_keepalive, tcp_keepidle=CONF.tcp_keepidle, tcp_keepalive_interval=CONF.tcp_keepalive_interval, tcp_keepalive_count=CONF.tcp_keepalive_count ) if self._use_ssl: try: ssl_kwargs = { 'server_side': True, 'certfile': CONF.ssl_cert_file, 'keyfile': CONF.ssl_key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = CONF.ssl_ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED dup_socket = ssl.wrap_socket(dup_socket, **ssl_kwargs) dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) except Exception: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to start %(name)s on %(_host)s:%(_port)s " "with SSL support."), {"name": self.name, "_host": self._host, "_port": self._port} ) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': dup_socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._logger, 'socket_timeout': self.client_socket_timeout, 'keepalive': CONF.wsgi_keep_alive, } self._server = eventlet.spawn(**wsgi_kwargs)
def _get_socket(self, host, port, backlog): bind_addr = (host, port) # TODO(dims): eventlet's green dns/socket module does not actually # support IPv6 in getaddrinfo(). We need to get around this in the # future or monitor upstream for a fix try: info = socket.getaddrinfo(bind_addr[0], bind_addr[1], socket.AF_UNSPEC, socket.SOCK_STREAM)[0] family = info[0] bind_addr = info[-1] except Exception: family = socket.AF_INET cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file ca_file = CONF.ssl_ca_file use_ssl = cert_file or key_file if cert_file and not os.path.exists(cert_file): raise RuntimeError(_("Unable to find cert_file : %s") % cert_file) if ca_file and not os.path.exists(ca_file): raise RuntimeError(_("Unable to find ca_file : %s") % ca_file) if key_file and not os.path.exists(key_file): raise RuntimeError(_("Unable to find key_file : %s") % key_file) if use_ssl and (not cert_file or not key_file): raise RuntimeError(_("When running server in SSL mode, you must " "specify both a cert_file and key_file " "option value in your configuration file")) def wrap_ssl(sock): ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED return ssl.wrap_socket(sock, **ssl_kwargs) sock = None retry_until = time.time() + 30 while not sock and time.time() < retry_until: try: sock = eventlet.listen(bind_addr, backlog=backlog, family=family) if use_ssl: sock = wrap_ssl(sock) except socket.error as err: if err.args[0] != errno.EADDRINUSE: raise eventlet.sleep(0.1) if not sock: raise RuntimeError(_("Could not bind to %(host)s:%(port)s " "after trying for 30 seconds") % {'host': host, 'port': port}) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # sockets can hang around forever without keepalive netutils.set_tcp_keepalive(sock, CONF.tcp_keepalive, CONF.tcp_keepidle, CONF.tcp_keepalive_interval, CONF.tcp_keepalive_count) return sock
def start(self): """Start serving a WSGI application. :returns: None :raises: meteos.exception.InvalidInput """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. config.set_middleware_defaults() dup_socket = self._socket.dup() netutils.set_tcp_keepalive( dup_socket, tcp_keepalive=CONF.tcp_keepalive, tcp_keepidle=CONF.tcp_keepidle, tcp_keepalive_interval=CONF.tcp_keepalive_interval, tcp_keepalive_count=CONF.tcp_keepalive_count) if self._use_ssl: try: ssl_kwargs = { 'server_side': True, 'certfile': CONF.ssl_cert_file, 'keyfile': CONF.ssl_key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = CONF.ssl_ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED dup_socket = ssl.wrap_socket(dup_socket, **ssl_kwargs) dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) except Exception: with excutils.save_and_reraise_exception(): LOG.error( "Failed to start %(name)s on %(_host)s:%(_port)s " "with SSL support.", { "name": self.name, "_host": self._host, "_port": self._port }) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': dup_socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._logger, 'socket_timeout': self.client_socket_timeout, 'keepalive': CONF.wsgi_keep_alive, } self._server = eventlet.spawn(**wsgi_kwargs)