The following pull request was submitted through GitHub.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/6750

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Signed-off-by: Free Ekanayaka <free.ekanay...@canonical.com>
From 634c1c96f6b80bffe6e9eed5617a143690fbca66 Mon Sep 17 00:00:00 2001
From: Free Ekanayaka <free.ekanay...@canonical.com>
Date: Wed, 22 Jan 2020 10:07:39 +0000
Subject: [PATCH] Close http transports since they might keep connections
 around

Signed-off-by: Free Ekanayaka <free.ekanay...@canonical.com>
---
 lxd/cluster/gateway.go   |  9 +++++++--
 lxd/cluster/heartbeat.go |  4 +++-
 lxd/cluster/tls.go       | 12 ++++++++++++
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/lxd/cluster/gateway.go b/lxd/cluster/gateway.go
index 5641b632fa..646e8f017a 100644
--- a/lxd/cluster/gateway.go
+++ b/lxd/cluster/gateway.go
@@ -564,6 +564,9 @@ func (g *Gateway) LeaderAddress() (string, error) {
                return "", fmt.Errorf("No raft node known")
        }
 
+       transport, cleanup := tlsTransport(config)
+       defer cleanup()
+
        for _, address := range addresses {
                url := fmt.Sprintf("https://%s%s";, address, databaseEndpoint)
                request, err := http.NewRequest("GET", url, nil)
@@ -572,7 +575,7 @@ func (g *Gateway) LeaderAddress() (string, error) {
                }
                setDqliteVersionHeader(request)
                request = request.WithContext(ctx)
-               client := &http.Client{Transport: 
&http.Transport{TLSClientConfig: config}}
+               client := &http.Client{Transport: transport}
                response, err := client.Do(request)
                if err != nil {
                        logger.Debugf("Failed to fetch leader address from %s", 
address)
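Review bot: Nothing visible in this hunk closes `response.Body` after `client.Do(request)`, and the deferred cleanup only calls `CloseIdleConnections`, which does not touch a connection whose body is still open. Now that one transport is shared by every iteration of the address loop, each response needs its body closed on every path out of the iteration, with an explicit `response.Body.Close()` once the body has been read rather than a `defer` inside the loop. The same applies to the request in the `dqliteNetworkDial` hunk that follows. The loop body continues past the end of this hunk, so this may already be handled there.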
@@ -820,7 +823,9 @@ func dqliteNetworkDial(ctx context.Context, addr string, g 
*Gateway, checkLeader
                }
                setDqliteVersionHeader(request)
                request = request.WithContext(ctx)
-               client := &http.Client{Transport: 
&http.Transport{TLSClientConfig: config}}
+               transport, cleanup := tlsTransport(config)
+               defer cleanup()
+               client := &http.Client{Transport: transport}
                response, err := client.Do(request)
                if err != nil {
                        return nil, err
diff --git a/lxd/cluster/heartbeat.go b/lxd/cluster/heartbeat.go
index 27aeb80767..a93092d810 100644
--- a/lxd/cluster/heartbeat.go
+++ b/lxd/cluster/heartbeat.go
@@ -356,8 +356,10 @@ func HeartbeatNode(taskCtx context.Context, address 
string, cert *shared.CertInf
 
        timeout := 2 * time.Second
        url := fmt.Sprintf("https://%s%s";, address, databaseEndpoint)
+       transport, cleanup := tlsTransport(config)
+       defer cleanup()
        client := &http.Client{
-               Transport: &http.Transport{TLSClientConfig: config},
+               Transport: transport,
                Timeout:   timeout,
        }
 
diff --git a/lxd/cluster/tls.go b/lxd/cluster/tls.go
index 6d09ff60ea..04ea9fa4b4 100644
--- a/lxd/cluster/tls.go
+++ b/lxd/cluster/tls.go
@@ -52,3 +52,15 @@ func tlsCheckCert(r *http.Request, info *shared.CertInfo) 
bool {
 
        return r.TLS != nil && trusted
 }
+
+// Return an http.Transport configured using the given configuration and a
+// cleanup function to use to close all connections the transport has been
+// used.
+func tlsTransport(config *tls.Config) (*http.Transport, func()) {
+       transport := &http.Transport{
+               TLSClientConfig:   config,
+               DisableKeepAlives: true,
+               MaxIdleConns:      0,
+       }
+       return transport, transport.CloseIdleConnections
+}
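Review bot: `MaxIdleConns: 0` in `tlsTransport` does not cap idle connections at zero; in `net/http` zero means no limit, and it is also the field's zero value, so the line has no effect while reading as if it did. `DisableKeepAlives: true` is what actually prevents reuse, so I would drop the `MaxIdleConns` line. The doc comment should start with the function name and say what the cleanup really does, e.g. `// tlsTransport returns an http.Transport using the given TLS configuration with keep-alives disabled, and a cleanup function that closes its idle connections.` A transport built as a literal also has none of the `http.DefaultTransport` timeouts (`TLSHandshakeTimeout` is 0, meaning no timeout), so each caller has to bound the request with a context deadline or `Client.Timeout`, as the heartbeat call site does.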