Project

General

Profile

Actions

Story #13697

closed

Prevent the API server and database from continuing to serve requests to clients after timeout

Added by Joshua Randall over 6 years ago. Updated about 3 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Target version:
Start date:
09/23/2021
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
0.5
Release relationship:
Auto

Description

A typical nginx configuration for the API server is to time out requests after 5m (300s). However, passenger/rails currently do not notice that the client has given up on the request and continue to process it. On some occasions (when things go wrong in other ways) we have had requests running for hours, holding locks that prevent other parts of the system from working, and in the worst cases, effecting a DoS on the entire API server by consuming all available passenger workers in the process.

There is no point in processing any part of a request for longer than the request timeout. An easy win to prevent the above scenario would be to set a postgres statement timeout to the same length as the nginx gateway timeout.

Our system has been running with a 300s statement_timeout for a few weeks without issue: https://github.com/wtsi-hgi/arvados/commit/d9728e17148db53caf1f16fce032448c3d5c1432

Probably the value used for the timeout should come from config rather than being hard-coded, so that admins can configure it appropriately when non-standard nginx configuration is used.


Subtasks 1 (0 open1 closed)

Task #18156: Review 13697-database-timeoutResolvedTom Clegg09/23/2021

Actions

Related issues 1 (0 open1 closed)

Related to Arvados - Bug #18184: Flaky test due to bug in old version of singularityResolvedTom Clegg09/24/2021

Actions
Actions

Also available in: Atom PDF