URL: https://github.com/freeipa/freeipa/pull/624
Author: tiran
 Title: #624: Use connection keep-alive
Action: opened

PR body:
"""
Do not forcefully close the connection after every request. This enables
HTTP connection keep-alive, also known as persistent TCP and TLS/SSL
connection. Keep-alive speed up consecutive HTTP requests by 15% (for
local, low-latency network connections to a fast server) to multiple
times (high latency connections or remote peers).

pache has a default keep alive timeout of 5 seconds. That's too low for
interactive commands, e.g. password prompts. 30 seconds sounds like a
good compromise.

https://pagure.io/freeipa/issue/6641
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/624/head:pr624
git checkout pr624
From a6fd562321f14d9463d56e400b35796553724011 Mon Sep 17 00:00:00 2001
From: Christian Heimes <chei...@redhat.com>
Date: Mon, 20 Mar 2017 08:47:41 +0100
Subject: [PATCH 1/3] Use connection keep-alive

Do not forcefully close the connection after every request. This enables
HTTP connection keep-alive, also known as persistent TCP and TLS/SSL
connection. Keep-alive speed up consecutive HTTP requests by 15% (for
local, low-latency network connections to a fast server) to multiple
times (high latency connections or remote peers).

https://pagure.io/freeipa/issue/6641

Signed-off-by: Christian Heimes <chei...@redhat.com>
---
 ipalib/rpc.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipalib/rpc.py b/ipalib/rpc.py
index 16ffb8b..8d58718 100644
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -686,7 +686,7 @@ def single_request(self, host, handler, request_body, verbose=0):
                 return self.parse_response(response)
         except gssapi.exceptions.GSSError as e:
             self._handle_exception(e)
-        finally:
+        except BaseException:
             self.close()
 
     if six.PY3:

From 4bd89726681dbc7d86f138da9bbb4b1a1b353df1 Mon Sep 17 00:00:00 2001
From: Christian Heimes <chei...@redhat.com>
Date: Mon, 20 Mar 2017 08:47:51 +0100
Subject: [PATCH 2/3] Add debug logging for keep-alive

Signed-off-by: Christian Heimes <chei...@redhat.com>
---
 ipalib/rpc.py | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/ipalib/rpc.py b/ipalib/rpc.py
index 8d58718..38321d1 100644
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -79,6 +79,13 @@
     from xmlrpc.client import (Binary, Fault, DateTime, dumps, loads, ServerProxy,
             Transport, ProtocolError, MININT, MAXINT)
 
+# pylint: disable=import-error
+if six.PY3:
+    from http.client import RemoteDisconnected
+else:
+    from httplib import BadStatusLine as RemoteDisconnected
+# pylint: enable=import-error
+
 
 if six.PY3:
     unicode = str
@@ -531,6 +538,7 @@ def make_connection(self, host):
         host, self._extra_headers, _x509 = self.get_host_info(host)
 
         if self._connection and host == self._connection[0]:
+            root_logger.debug("HTTP connection keep-alive (%s)", host)
             return self._connection[1]
 
         conn = create_https_connection(
@@ -540,6 +548,7 @@ def make_connection(self, host):
             tls_version_max=api.env.tls_version_max)
 
         conn.connect()
+        root_logger.debug("New HTTP connection (%s)", host)
 
         self._connection = host, conn
         return self._connection[1]
@@ -686,8 +695,18 @@ def single_request(self, host, handler, request_body, verbose=0):
                 return self.parse_response(response)
         except gssapi.exceptions.GSSError as e:
             self._handle_exception(e)
-        except BaseException:
+        except RemoteDisconnected:
+            # keep-alive connection was terminated by remote peer, close
+            # connection and let transport handle reconnect for us.
+            self.close()
+            root_logger.debug("HTTP server has closed connection (%s)", host)
+            raise
+        except BaseException as e:
+            # Unexpected exception may leave connections in a bad state.
             self.close()
+            root_logger.debug("HTTP connection destroyed (%s)",
+                              host, exc_info=True)
+            raise
 
     if six.PY3:
         def __send_request(self, connection, host, handler, request_body, debug):

From fd03824d4c318b566bf41bd5ba7089c54c112919 Mon Sep 17 00:00:00 2001
From: Christian Heimes <chei...@redhat.com>
Date: Mon, 20 Mar 2017 08:47:56 +0100
Subject: [PATCH 3/3] Increase Apache HTTPD's default keep alive timeout

Apache has a default keep alive timeout of 5 seconds. That's too low for
interactive commands, e.g. password prompts. 30 seconds sounds like a
good compromise.

Signed-off-by: Christian Heimes <chei...@redhat.com>
---
 install/conf/ipa.conf | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
index 164231c..e1f1a58 100644
--- a/install/conf/ipa.conf
+++ b/install/conf/ipa.conf
@@ -1,5 +1,5 @@
 #
-# VERSION 24 - DO NOT REMOVE THIS LINE
+# VERSION 25 - DO NOT REMOVE THIS LINE
 #
 # This file may be overwritten on upgrades.
 #
@@ -20,6 +20,11 @@ DirectoryIndex index.html
 # requests, ticket #2767. This should easily support a 64KiB PAC.
 LimitRequestFieldSize 100000
 
+# Increase connection keep alive time. Default value is 5 seconds, which is too
+# short for interactive ipa commands. 30 seconds is a good compromise.
+KeepAlive On
+KeepAliveTimeout 30
+
 # ipa-rewrite.conf is loaded separately
 
 # This is required so the auto-configuration works with Firefox 2+
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to