From 830365463fcaa8d62f5b75106e7ab6ecb2010c72 Mon Sep 17 00:00:00 2001 From: David Sauer Date: Thu, 7 Sep 2023 16:03:04 +0200 Subject: [PATCH 1/2] limit fcgi client maximum request execution time --- go.mod | 2 ++ go.sum | 4 ++-- phpfpm/phpfpm.go | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index a8bc322e..c193dbed 100644 --- a/go.mod +++ b/go.mod @@ -14,3 +14,5 @@ require ( ) go 1.13 + +replace github.com/tomasen/fcgi_client => github.com/kanocz/fcgi_client v0.0.0-20210113082628-fff85c8adfb7 diff --git a/go.sum b/go.sum index 58dc8894..a1e48c5d 100644 --- a/go.sum +++ b/go.sum @@ -1443,6 +1443,8 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/kanocz/fcgi_client v0.0.0-20210113082628-fff85c8adfb7 h1:W0fAsQ7bC1db4k9O2X6yZvatz/0c/ISyxhmNnc6arZA= +github.com/kanocz/fcgi_client v0.0.0-20210113082628-fff85c8adfb7/go.mod h1:dHpIS7C6YjFguh5vo9QBVEojDoL3vh3v6oEho2HtNyA= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= @@ -1639,8 +1641,6 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= -github.com/tomasen/fcgi_client v0.0.0-20180423082037-2bb3d819fd19 h1:ZCmSnT6CLGhfoQ2lPEhL4nsJstKDCw1F1RfN8/smTCU= -github.com/tomasen/fcgi_client v0.0.0-20180423082037-2bb3d819fd19/go.mod h1:SXTY+QvI+KTTKXQdg0zZ7nx0u94QWh8ZAwBQYsW9cqk= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/xhit/go-str2duration v1.2.0/go.mod h1:3cPSlfZlUHVlneIVfePFWcJZsuwf+P1v2SRTV4cUmp4= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= diff --git a/phpfpm/phpfpm.go b/phpfpm/phpfpm.go index 400c2330..925c4aa8 100644 --- a/phpfpm/phpfpm.go +++ b/phpfpm/phpfpm.go @@ -163,6 +163,8 @@ func (p *Pool) Update() (err error) { defer fcgi.Close() + fcgi.SetTimeout(time.Duration(3) * time.Second) + env := map[string]string{ "SCRIPT_FILENAME": path, "SCRIPT_NAME": path, From 57e431b788a4d7dfc923d1cd66a762420ac1d6f7 Mon Sep 17 00:00:00 2001 From: David Sauer Date: Thu, 7 Sep 2023 16:04:21 +0200 Subject: [PATCH 2/2] configure prometheus handler to limit maximum requests in flight and maximum request execution time --- cmd/server.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/cmd/server.go b/cmd/server.go index d1d82028..46e625d3 100644 --- a/cmd/server.go +++ b/cmd/server.go @@ -71,7 +71,15 @@ to quickly create a Cobra application.`, IdleTimeout: time.Second * 60, } - http.Handle(metricsEndpoint, promhttp.Handler()) + opts := promhttp.HandlerOpts{ + Timeout: 5 * time.Second, + MaxRequestsInFlight: 2, + } + handler := promhttp.InstrumentMetricHandler( + prometheus.DefaultRegisterer, + promhttp.HandlerFor(prometheus.DefaultGatherer, opts), + ) + http.Handle(metricsEndpoint, handler) http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { _, err := w.Write([]byte(` php-fpm_exporter