summaryrefslogtreecommitdiffstats
path: root/jdisc_http_service
diff options
context:
space:
mode:
Diffstat (limited to 'jdisc_http_service')
-rw-r--r--jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java24
1 files changed, 19 insertions, 5 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java
index 2d54c716f8d..aeb08e042a1 100644
--- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java
+++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java
@@ -5,11 +5,11 @@ import com.yahoo.jdisc.Response;
import com.yahoo.jdisc.http.ConnectorConfig;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
+import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.TrustAllStrategy;
-import org.apache.http.impl.NoConnectionReuseStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.ssl.SSLContexts;
@@ -19,12 +19,14 @@ import org.eclipse.jetty.server.handler.HandlerWrapper;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLException;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.GeneralSecurityException;
+import java.time.Duration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -127,9 +129,14 @@ class HealthCheckProxyHandler extends HandlerWrapper {
}
CloseableHttpResponse requestStatusHtml() throws IOException {
- HttpGet request = new HttpGet("https://localhost:" + port + HEALTH_CHECK_PATH);
- request.setHeader("Connection", "Close");
- return client().execute(request);
+ try {
+ HttpGet request = new HttpGet("https://localhost:" + port + HEALTH_CHECK_PATH);
+ return client().execute(request);
+ } catch (SSLException e) {
+ log.log(Level.SEVERE, "SSL connection failed. Closing existing client, a new client will be created on next request", e);
+ close();
+ throw e;
+ }
}
// Client construction must be delayed to ensure that the SslContextFactory is started before calling getSslContext().
@@ -139,11 +146,17 @@ class HealthCheckProxyHandler extends HandlerWrapper {
if (client == null) {
client = HttpClientBuilder.create()
.disableAutomaticRetries()
- .setConnectionReuseStrategy(NoConnectionReuseStrategy.INSTANCE)
+ .setMaxConnPerRoute(4)
.setSSLContext(getSslContext(sslContextFactory))
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.setUserTokenHandler(context -> null) // https://stackoverflow.com/a/42112034/1615280
.setUserAgent("health-check-proxy-client")
+ .setDefaultRequestConfig(
+ RequestConfig.custom()
+ .setConnectTimeout((int) Duration.ofSeconds(4).toMillis())
+ .setConnectionRequestTimeout((int) Duration.ofSeconds(4).toMillis())
+ .setSocketTimeout((int) Duration.ofSeconds(8).toMillis())
+ .build())
.build();
}
}
@@ -175,6 +188,7 @@ class HealthCheckProxyHandler extends HandlerWrapper {
synchronized (this) {
if (client != null) {
client.close();
+ client = null;
}
}
}