diff options
Diffstat (limited to 'jdisc_http_service')
-rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java index 2d54c716f8d..aeb08e042a1 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java @@ -5,11 +5,11 @@ import com.yahoo.jdisc.Response; import com.yahoo.jdisc.http.ConnectorConfig; import org.apache.http.Header; import org.apache.http.HttpEntity; +import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.TrustAllStrategy; -import org.apache.http.impl.NoConnectionReuseStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.ssl.SSLContexts; @@ -19,12 +19,14 @@ import org.eclipse.jetty.server.handler.HandlerWrapper; import org.eclipse.jetty.util.ssl.SslContextFactory; import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLException; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.security.GeneralSecurityException; +import java.time.Duration; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -127,9 +129,14 @@ class HealthCheckProxyHandler extends HandlerWrapper { } CloseableHttpResponse requestStatusHtml() throws IOException { - HttpGet request = new HttpGet("https://localhost:" + port + HEALTH_CHECK_PATH); - request.setHeader("Connection", "Close"); - return client().execute(request); + try { + HttpGet request = new HttpGet("https://localhost:" + port + HEALTH_CHECK_PATH); + return client().execute(request); + } catch (SSLException e) { + log.log(Level.SEVERE, "SSL connection failed. Closing existing client, a new client will be created on next request", e); + close(); + throw e; + } } // Client construction must be delayed to ensure that the SslContextFactory is started before calling getSslContext(). @@ -139,11 +146,17 @@ class HealthCheckProxyHandler extends HandlerWrapper { if (client == null) { client = HttpClientBuilder.create() .disableAutomaticRetries() - .setConnectionReuseStrategy(NoConnectionReuseStrategy.INSTANCE) + .setMaxConnPerRoute(4) .setSSLContext(getSslContext(sslContextFactory)) .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) .setUserTokenHandler(context -> null) // https://stackoverflow.com/a/42112034/1615280 .setUserAgent("health-check-proxy-client") + .setDefaultRequestConfig( + RequestConfig.custom() + .setConnectTimeout((int) Duration.ofSeconds(4).toMillis()) + .setConnectionRequestTimeout((int) Duration.ofSeconds(4).toMillis()) + .setSocketTimeout((int) Duration.ofSeconds(8).toMillis()) + .build()) .build(); } } @@ -175,6 +188,7 @@ class HealthCheckProxyHandler extends HandlerWrapper { synchronized (this) { if (client != null) { client.close(); + client = null; } } } |