Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v12] Ensure that the webclient closes connections #22893

Merged
merged 1 commit into from
Mar 10, 2023
Merged

[v12] Ensure that the webclient closes connections #22893

merged 1 commit into from
Mar 10, 2023

Conversation

rosstimothy
Copy link
Contributor

Backport #22832 to branch/v12

@rosstimothy rosstimothy self-assigned this Mar 10, 2023
@github-actions github-actions bot added kubernetes-access size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Mar 10, 2023
@rosstimothy
Ensure that the webclient closes connections (#22832)
0f3f787 
The `http.Client.Transport` created in `newWebClient` wraps a
chain of `http.RoundTripper` over an underlying `http.Transport`.
Since we cannot guarantee that each `http.RoundTipper` has a
`CloseIdleConnections` method the usage of
`defer clt.CloseIdleConnections()` does not guarantee that the http
connections created during Find/Ping/etc are closed.

To prevent leaking connections implementations of `http.RoundTripper`
have added a `CloseIdleConnections` method added that forwards the
request on to the wrapped interface. The `otelhttp.Transport` does
not implement this method either so care has been taken to wrap it
in a `http.RoundTripper` which will call the root transport in
`enforceCloseIdleConnections`. An upstream issue has been filed
with otelhttp: open-telemetry/opentelemetry-go-contrib#3543
to get the method added to their `Transport` implementation.

This wasn't noticed prior to upgrading to go1.20 becuase prior to
[this](golang/go@4e7e7ae)
commit the `ReadHeaderTimeout` set on the Proxy web api http.Server
would cause the connection to appear idle and get terminated by the
server.

`TestWebClientClosesIdleConnections` was added to capture the leak
in connections as reported in #22757 and prevent any regressions.
@rosstimothy rosstimothy added this pull request to the merge queue Mar 10, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Mar 10, 2023
@rosstimothy rosstimothy added this pull request to the merge queue Mar 10, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Mar 10, 2023
@rosstimothy rosstimothy added this pull request to the merge queue Mar 10, 2023
Merged via the queue into branch/v12 with commit ed70a0d Mar 10, 2023
@rosstimothy rosstimothy deleted the tross/backport-22832/v12 branch March 10, 2023 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcoandredinis marcoandredinis marcoandredinis approved these changes

@zmb3 zmb3 zmb3 approved these changes

Assignees

@rosstimothy rosstimothy

Labels
backport kubernetes-access size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rosstimothy @marcoandredinis @zmb3