Merge pull request #3198 from poettering/trigger-timeout-defaults
change trigger timeout defaults
This commit is contained in:
commit
43039e4f05
2
TODO
2
TODO
|
@ -33,6 +33,8 @@ Janitorial Clean-ups:
|
||||||
|
|
||||||
Features:
|
Features:
|
||||||
|
|
||||||
|
* make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
|
||||||
|
|
||||||
* journalctl: make sure -f ends when the container indicated by -M terminates
|
* journalctl: make sure -f ends when the container indicated by -M terminates
|
||||||
|
|
||||||
* rework fopen_temporary() to make use of open_tmpfile_linkable() (problem: the
|
* rework fopen_temporary() to make use of open_tmpfile_linkable() (problem: the
|
||||||
|
|
|
@ -814,13 +814,14 @@
|
||||||
<listitem><para>Configures a limit on how often this socket unit my be activated within a specific time
|
<listitem><para>Configures a limit on how often this socket unit my be activated within a specific time
|
||||||
interval. The <varname>TriggerLimitIntervalSec=</varname> may be used to configure the length of the time
|
interval. The <varname>TriggerLimitIntervalSec=</varname> may be used to configure the length of the time
|
||||||
interval in the usual time units <literal>us</literal>, <literal>ms</literal>, <literal>s</literal>,
|
interval in the usual time units <literal>us</literal>, <literal>ms</literal>, <literal>s</literal>,
|
||||||
<literal>min</literal>, <literal>h</literal>, … and defaults to 5s (See
|
<literal>min</literal>, <literal>h</literal>, … and defaults to 2s (See
|
||||||
<citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details on
|
<citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details on
|
||||||
the various time units available). The <varname>TriggerLimitBurst=</varname> setting takes an integer value and
|
the various time units understood). The <varname>TriggerLimitBurst=</varname> setting takes a positive integer
|
||||||
specifies the numer of permitted activations per time interval, and defaults to 2500 (thus by default
|
value and specifies the number of permitted activations per time interval, and defaults to 200 for
|
||||||
permitting 2500 activations per 5s). Set either to 0 to disable any form of trigger rate limiting. If the limit
|
<varname>Accept=yes</varname> sockets (thus by default permitting 200 activations per 2s), and 20 otherwise (20
|
||||||
is hit, the socket unit is placed into a failure mode, and will not be connectible anymore until
|
activations per 2s). Set either to 0 to disable any form of trigger rate limiting. If the limit is hit, the
|
||||||
restarted. Note that this limit is enforced before the service activation is enqueued.</para></listitem>
|
socket unit is placed into a failure mode, and will not be connectible anymore until restarted. Note that this
|
||||||
|
limit is enforced before the service activation is enqueued.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
</variablelist>
|
</variablelist>
|
||||||
|
|
|
@ -100,7 +100,8 @@ static void socket_init(Unit *u) {
|
||||||
|
|
||||||
s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
|
s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
|
||||||
|
|
||||||
RATELIMIT_INIT(s->trigger_limit, 5*USEC_PER_SEC, 2500);
|
s->trigger_limit.interval = USEC_INFINITY;
|
||||||
|
s->trigger_limit.burst = (unsigned) -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void socket_unwatch_control_pid(Socket *s) {
|
static void socket_unwatch_control_pid(Socket *s) {
|
||||||
|
@ -328,6 +329,25 @@ static int socket_add_extras(Socket *s) {
|
||||||
|
|
||||||
assert(s);
|
assert(s);
|
||||||
|
|
||||||
|
/* Pick defaults for the trigger limit, if nothing was explicitly configured. We pick a relatively high limit
|
||||||
|
* in Accept=yes mode, and a lower limit for Accept=no. Reason: in Accept=yes mode we are invoking accept()
|
||||||
|
* ourselves before the trigger limit can hit, thus incoming connections are taken off the socket queue quickly
|
||||||
|
* and reliably. This is different for Accept=no, where the spawned service has to take the incoming traffic
|
||||||
|
* off the queues, which it might not necessarily do. Moreover, while Accept=no services are supposed to
|
||||||
|
* process whatever is queued in one go, and thus should normally never have to be started frequently. This is
|
||||||
|
* different for Accept=yes where each connection is processed by a new service instance, and thus frequent
|
||||||
|
* service starts are typical. */
|
||||||
|
|
||||||
|
if (s->trigger_limit.interval == USEC_INFINITY)
|
||||||
|
s->trigger_limit.interval = 2 * USEC_PER_SEC;
|
||||||
|
|
||||||
|
if (s->trigger_limit.burst == (unsigned) -1) {
|
||||||
|
if (s->accept)
|
||||||
|
s->trigger_limit.burst = 200;
|
||||||
|
else
|
||||||
|
s->trigger_limit.burst = 20;
|
||||||
|
}
|
||||||
|
|
||||||
if (have_non_accept_socket(s)) {
|
if (have_non_accept_socket(s)) {
|
||||||
|
|
||||||
if (!UNIT_DEREF(s->service)) {
|
if (!UNIT_DEREF(s->service)) {
|
||||||
|
@ -620,8 +640,8 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) {
|
||||||
|
|
||||||
if (!isempty(s->user) || !isempty(s->group))
|
if (!isempty(s->user) || !isempty(s->group))
|
||||||
fprintf(f,
|
fprintf(f,
|
||||||
"%sOwnerUser: %s\n"
|
"%sSocketUser: %s\n"
|
||||||
"%sOwnerGroup: %s\n",
|
"%sSocketGroup: %s\n",
|
||||||
prefix, strna(s->user),
|
prefix, strna(s->user),
|
||||||
prefix, strna(s->group));
|
prefix, strna(s->group));
|
||||||
|
|
||||||
|
@ -1271,11 +1291,13 @@ static int socket_open_fds(Socket *s) {
|
||||||
|
|
||||||
/* Apply the socket protocol */
|
/* Apply the socket protocol */
|
||||||
switch(p->address.type) {
|
switch(p->address.type) {
|
||||||
|
|
||||||
case SOCK_STREAM:
|
case SOCK_STREAM:
|
||||||
case SOCK_SEQPACKET:
|
case SOCK_SEQPACKET:
|
||||||
if (p->socket->socket_protocol == IPPROTO_SCTP)
|
if (p->socket->socket_protocol == IPPROTO_SCTP)
|
||||||
p->address.protocol = p->socket->socket_protocol;
|
p->address.protocol = p->socket->socket_protocol;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SOCK_DGRAM:
|
case SOCK_DGRAM:
|
||||||
if (p->socket->socket_protocol == IPPROTO_UDPLITE)
|
if (p->socket->socket_protocol == IPPROTO_UDPLITE)
|
||||||
p->address.protocol = p->socket->socket_protocol;
|
p->address.protocol = p->socket->socket_protocol;
|
||||||
|
@ -1339,8 +1361,7 @@ static int socket_open_fds(Socket *s) {
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SOCKET_USB_FUNCTION:
|
case SOCKET_USB_FUNCTION: {
|
||||||
{
|
|
||||||
_cleanup_free_ char *ep = NULL;
|
_cleanup_free_ char *ep = NULL;
|
||||||
|
|
||||||
ep = path_make_absolute("ep0", p->path);
|
ep = path_make_absolute("ep0", p->path);
|
||||||
|
|
Loading…
Reference in New Issue