Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Graceful Shutdown behavior ambiguity in Reference Guide #40108

Open
philsttr opened this issue Mar 26, 2024 · 2 comments
Open

Graceful Shutdown behavior ambiguity in Reference Guide #40108

philsttr opened this issue Mar 26, 2024 · 2 comments
Labels
type: documentation A documentation update
Milestone
3.1.x

Comments

@philsttr
Copy link

I'd like for the following quote in the Graceful Shutdown documentation to be clarified...

The exact way in which new requests are not permitted varies depending on the web server that is being used. Jetty, Reactor Netty, and Tomcat will stop accepting requests at the network layer.

Specifically, does "stop accepting requests at the network layer" refer to new connection requests (meaning the client would see connection refused) or new requests on existing (persistent) connections or both? If it stops accepting requests on existing connections with no requests currently being processed, are the existing connections closed immediately or after the graceful shutdown timeout?
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Mar 26, 2024
@philwebb philwebb added type: documentation A documentation update and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 22, 2024
@philwebb philwebb added this to the 3.1.x milestone Apr 22, 2024
@wilkinsona
Copy link
Member

Tomcat will reject new connections and reject a request on an existing idle connection, as covered by these two tests:

spring-boot/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/TomcatServletWebServerFactoryTests.java

Line 600 in 0c036df

void whenServerIsShuttingDownGracefullyThenNewConnectionsCannotBeMade() throws Exception {

spring-boot/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/TomcatServletWebServerFactoryTests.java

Line 625 in 0c036df

void whenServerIsShuttingDownARequestOnAnIdleConnectionResultsInConnectionReset() throws Exception {

Jetty is similar, although not exactly the same. Like Tomcat, it will reject new connections. Unlike Tomcat, it will accept requests on an existing connection but will include a Connection: close header in the response, as covered by these two tests:

spring-boot/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/jetty/JettyServletWebServerFactoryTests.java

Line 314 in 0c036df

void whenServerIsShuttingDownGracefullyThenNewConnectionsCannotBeMade() throws Exception {

spring-boot/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/jetty/JettyServletWebServerFactoryTests.java

Line 338 in 0c036df

void whenServerIsShuttingDownGracefullyThenResponseToRequestOnIdleConnectionWillHaveAConnectionCloseHeader()

Reactor Netty will reject new connections as covered by this test:

spring-boot/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/NettyReactiveWebServerFactoryTests.java

Line 152 in 0c036df

void whenServerIsShuttingDownGracefullyThenNewConnectionsCannotBeMade() {

We don't have a test for its behavior when a request is made on an existing connection.

Based on this information, and to answer the questions above:

does "stop accepting requests at the network layer" refer to new connection requests (meaning the client would see connection refused) or new requests on existing (persistent) connections or both?

Tomcat, Jetty, and Reactor Netty will all refuse new connections once graceful shutdown has begun.

Tomcat will refuse a request on an existing connection and should drop the connection. Jetty will respond to a request on an existing connection and instruct the client to close the connection. Reactor Netty's behavior is unknown at the moment as we don't have a test for it.

If it stops accepting requests on existing connections with no requests currently being processed, are the existing connections closed immediately or after the graceful shutdown timeout?

I believe they're closed at the soonest of:

  • a request being received on the connection
  • the keep-alive timeout elapsing
  • the graceful shutdown timeout elapsing

I'm not sure what we should document here as it's getting down into low-level container-specific behaviour. I think we could certainly say that new connections will be refused. We could then perhaps also say that handling of new requests on existing connections during the graceful shutdown period is web server-specific. My feeling is that saying anything more would be going into too much detail.

@philsttr
Copy link
Author

Thanks for the detailed info Andy! It is very helpful.

Perhaps this info could be documented in the javadocs on the webserver-specific WebServerFactory implementations. That seems like a logical place to me, since the behavior differs somewhat between implementations. The tests would then be testing documented behavior.

Then the reference guide could be kept somewhat generic, but also direct the user to the WebServerFactory implementations for exact details.

This approach would make the information more easily discoverable by those who need it, but not clutter up the reference guide too much.

What do you think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: documentation A documentation update
Projects
None yet
Milestone
3.1.x
Development

No branches or pull requests
4 participants
@philwebb @wilkinsona @philsttr @spring-projects-issues