Eric Wong | 30 Jan 10:34 2016

Re: unicorn log attack?

Lawrence Pit <lawrencepit <at> icloud.com> wrote:
> Hi Eric,
> 
> I'm writing to you directly instead of to the unicorn-public list.

Which got your HTML email tarpitted in my spam folder instead of
being bounced back right away so you could fix it :)

> I noticed yesterday our unicorn.log files, which are usually tiny,
> were gigantic in size. Fortunately, this was caused by a friendly
> attack, but had they persisted I think we would've run out of
> diskspace (of which we would've been warned in advance, so we
> could've dealt with the situation I suppose had it happened)
> 
> Upon inspection it seems requests were received as shown below (
> I've cut out the middle part of the value that was part of the form
> body that was posted )
> 
> The log statement is printed out by unicorn.rb method +log_error+.
> 
> I'm not sure this is a unicorn issue, and thinking more an issue of
> how we developers should deal with repeatedly receiving the same
> sort of (sometimes very large) exceptions? Any advice?

Right, not a unicorn issue :)

Use logrotate or similar, compress your logs frequently, be
mindful of what you dump from your app; and watch your disk
usage (which you seem to be doing already), but that includes
emails :)
(Continue reading)

Eric Wong | 28 Jan 00:16 2016
Picon

[ANN] unicorn 5.1.0.pre1 - Rack HTTP server for fast clients and *nix

Unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels.  Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between unicorn and slow clients.

* http://unicorn.bogomips.org/
* public list: unicorn-public <at> bogomips.org
* mail archives: http://bogomips.org/unicorn-public/
* git clone git://bogomips.org/unicorn.git
* http://unicorn.bogomips.org/NEWS.atom.xml
* nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn

This is a pre-release, you will need to specify the version to
install explicitly when using RubyGems.

Changes:

    unicorn 5.1.0.pre1 - rack is optional, again

    The big change is rack is not required (but still recommended).
    Applications are expected to depend on rack on their own so they can
    specify the version of rack they prefer without unicorn pulling
    in a newer, potentially incompatible version.

    unicorn will always attempt to work with multiple versions of rack
    as practical.

    The HTTP parser also switched to using the TypedData C-API for
    extra type safety and memory usage accounting support in the
(Continue reading)

Eric Wong | 27 Jan 23:55 2016

[PATCH] doc update for ClientShutdown exceptions class

State explicitly applications should not rely on it, and instead
rescue the generic EOFError exception.  This class will stick
around because there may inevitably be things which rely on it,
but we should not encourage it, either.
---
 lib/unicorn.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/unicorn.rb b/lib/unicorn.rb
index bb66b61..f122563 100644
--- a/lib/unicorn.rb
+++ b/lib/unicorn.rb
 <at>  <at>  -25,7 +25,9  <at>  <at>  module Unicorn
   # application dispatch.  This is always raised with an empty backtrace
   # since there is nothing in the application stack that is responsible
   # for client shutdowns/disconnects.  This exception is visible to Rack
-  # applications unless PrereadInput middleware is loaded.
+  # applications unless PrereadInput middleware is loaded.  This
+  # is a subclass of the standard EOFError class and applications should
+  # not rescue it explicitly, but rescue EOFError instead.
   ClientShutdown = Class.new(EOFError)

   # :stopdoc:
--

-- 
EW

--
unsubscribe: unicorn-public+unsubscribe <at> bogomips.org
archive: http://bogomips.org/unicorn-public/

(Continue reading)

Francesco Savignago | 13 Jan 10:06 2016

behaviour with signal HUP

Hi unicorn.
Asking a question about a thing that I am not able to test: does sending a HUP signal to unicorn results in
connections being dropped or kept?
TIA for support

Eric Wong | 9 Jan 00:01 2016

if you want to unsubscribe

mlmmj[1] needs to know YOUR email address when you email:

	unicorn-public+unsubscribe <at> bogomips.org

Do NOT use "unroll.me" or similar services.

They are meant for unsubscribing from marketing lists with unique
unsubscription addresses for each recipient.  That's not how
discussion list managers like mlmmj, ezmlm, or Mailman work.

[1] http://mlmmj.org/

Dealing with bounces and unsubscription is why I prefer people
read mailing lists over NNTP or HTTP:

nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn
nntp://news.gmane.org/gmane.comp.lang.ruby.unicorn.general
http://bogomips.org/unicorn-public/

You'll never need a subscription or even a valid reply
address to mail this list.
--
unsubscribe: unicorn-public+unsubscribe <at> bogomips.org
archive: http://bogomips.org/unicorn-public/

Adam Duke | 8 Jan 19:34 2016
Picon
Gravatar

[PATCH] limit rack version for ruby compatibility

From 6f1cb0ae4b63bd1906fd83d154dae1d1f2b35407 Mon Sep 17 00:00:00 2001
From: Adam Duke <adam.v.duke <at> gmail.com>
Date: Fri, 8 Jan 2016 13:06:31 -0500
Subject: [PATCH] limit rack version for ruby compatibility

rack introduced a dependency on ruby 2.2.2 or greater in
https://github.com/rack/rack/commit/771d94e5dbe53058160a1f8a4cc56384c1d2a048

In order to maintain support for ruby versions less than 2.2.2, limit
the rack dependency to supported versions for the current ruby.
---
 unicorn.gemspec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/unicorn.gemspec b/unicorn.gemspec
index 1099361..ce7080a 100644
--- a/unicorn.gemspec
+++ b/unicorn.gemspec
 <at>  <at>  -35,7 +35,11  <at>  <at> 
   # up/downgrade to any other version, the Rack dependency may be
   # commented out.  Nevertheless, upgrading to Rails 2.3.4 or later is
   # *strongly* recommended for security reasons.
-  s.add_dependency(%q<rack>)
+  if RUBY_VERSION < '2.2.2'
+    s.add_dependency(%q<rack>, '~> 1.6.4')
+  else
+    s.add_dependency(%q<rack>)
+  end
   s.add_dependency(%q<kgio>, '~> 2.6')
   s.add_dependency(%q<raindrops>, '~> 0.7')
(Continue reading)

Eric Wong | 7 Jan 04:41 2016

[PUSHED] various documentation updates

* add nntp_url to the olddoc website footer
* update legacy support status for 4.x (not 4.8.x)
* update copyright range to 2016
* note all of our development tools are Free Software, too
* remove cgit mention; it may not always be cgit
  (but URLs should remain compatible).
* discourage downloading snapshot tarballs;
  "git clone" + periodic "git fetch" is more efficient
* remove most mentions of unicorn_rails as that
  was meant for ancient Rails 1.x/2.x users
* update path reference to Ruby 2.3.0
* fix nginx upstream module link to avoid redirect
* shorten Message-ID example to avoid redirects
  and inadvertant linkage
---
  Also pushed to the website http://unicorn.bogomips.org/
  (using olddoc.git  <at>  c98abe82b6b3 from git://80x24.org/olddoc.git)

  Curious, does anybody out there use Rails 2.x or earlier?

 .olddoc.yml                       |  1 +
 Documentation/unicorn.1.txt       |  1 -
 Documentation/unicorn_rails.1.txt |  2 +-
 HACKING                           |  2 +-
 README                            | 17 +++++------------
 lib/unicorn/configurator.rb       |  5 +++--
 lib/unicorn/http_server.rb        |  4 ++--
 7 files changed, 13 insertions(+), 19 deletions(-)

diff --git a/.olddoc.yml b/.olddoc.yml
(Continue reading)

Eric Wong | 17 Nov 23:06 2015

[PATCH] add .gitattributes for Ruby method detection

The "diff" function detection for C does not map well to
Ruby files, take advantage of gitattributes(5) to improve
method name detection in generated patches as well as
making "git diff -W" output more useful.
---
 .gitattributes | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .gitattributes

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..21e0bd4
--- /dev/null
+++ b/.gitattributes
 <at>  <at>  -0,0 +1,5  <at>  <at> 
+*.gemspec diff=ruby
+*.rb diff=ruby
+*.ru diff=ruby
+Rakefile diff=ruby
+bin/* diff=ruby
--

-- 
EW

--
unsubscribe: unicorn-public+unsubscribe <at> bogomips.org
archive: http://bogomips.org/unicorn-public/

Eric Wong | 17 Nov 22:45 2015

[PATCH] examples: add systemd socket and service files

Since we have init scripts, we ought to have the equivalent for
systemd users who cannot upgrade via the normal SIGUSR2 mechanism;
but can use multiple services: "unicorn <at> 1" + h"unicorn <at> 2" to
accomplish the same thing.

Based on examples by Christos Trochalakis <yatiohi <at> ideopolis.gr>

ref:
http://bogomips.org/unicorn-public/20150708130821.GA1361 <at> luke.ws.skroutz.gr/
---
 examples/unicorn.socket   | 11 +++++++++++
 examples/unicorn <at> .service | 26 ++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 examples/unicorn.socket
 create mode 100644 examples/unicorn <at> .service

diff --git a/examples/unicorn.socket b/examples/unicorn.socket
new file mode 100644
index 0000000..7d5f773
--- /dev/null
+++ b/examples/unicorn.socket
 <at>  <at>  -0,0 +1,11  <at>  <at> 
+# ==> /etc/systemd/system/unicorn.socket <==
+[Unit]
+Description = unicorn sockets
+
+[Socket]
+ListenStream = 127.0.0.1:8080
+ListenStream = /tmp/path/to/.unicorn.sock
+Service = unicorn <at> 1.service
(Continue reading)

Owen Ou | 17 Nov 00:43 2015
Gravatar

undefined method `include?' for nil:NilClass (NoMethodError)

Hi,

We recently upgraded to Unicorn 5.0 but getting the following error:

[2015-11-16T14:54:16.943652 #19838] ERROR -- : app error: undefined
method `include?' for nil:NilClass (NoMethodError)

E, [2015-11-16T14:54:16.943712 #19838] ERROR -- :
/home/api/vendor/bundle/ruby/2.2.0/gems/unicorn-5.0.0/lib/unicorn/http_response.rb:40:in
`block in http_response_write'

E, [2015-11-16T14:54:16.943737 #19838] ERROR -- :
/home/api/vendor/bundle/ruby/2.2.0/gems/rack-1.6.4/lib/rack/utils.rb:490:in
`block in each'

E, [2015-11-16T14:54:16.943753 #19838] ERROR -- :
/home/api/vendor/bundle/ruby/2.2.0/gems/rack-1.6.4/lib/rack/utils.rb:489:in
`each'

E, [2015-11-16T14:54:16.943767 #19838] ERROR -- :
/home/api/vendor/bundle/ruby/2.2.0/gems/rack-1.6.4/lib/rack/utils.rb:489:in
`each’

The error came from this commit:
https://github.com/defunkt/unicorn/commit/fb2f10e1d7a72e6787720003342a21f11b879614.
And specifically the line of `if value =~ /\n/` is changed to `if
value.include?("\n".freeze)`. Apparently `value` can be nil which
caused our issue. It should be an easy fix.

Thanks,
(Continue reading)

Jeff Utter | 13 Nov 01:51 2015

Shared Metrics Between Workers

Hello,

I was wondering if anyone can offer any advice in handling stats
collections between worker processes in forking servers (like unicorn).
Specifically, I am attempting to work on a solution for the Prometheus ruby
gem. Some details are in this issue here:
https://github.com/prometheus/client_ruby/issues/9

Prometheus works with a "scrape" model, where every few seconds a
prometheus server hits a http endpoint that exposes status. With the
current middleware the stats will only represent whichever worker is hit.

I have read through the documentation for unicorn and poked around the
source code some  -- as well as searched for similar projects for
inspiration.

The earliest, promising solution I considered was raindrops, but it looks
as though you need to know all of the possible metrics up front - which
won't necessarily work as prometheus could use metrics based on parameters
which could vary.

Does anyone have any experience working with something like this?

Thanks for any suggestions.


Gmane