If you have two (or more) instances of gunicorn that use `reuse-port`
and bind to single unix socket all work until one of gunicorn will
stopped. Because the first stopped removes unix socket file and other
instances can't longer process requests.
Some systems report UNIX socket addresses as bytes while others will
report it as a unicode string type. This patch improves socket type
detection code to support both.
Fix#1861
Currently, gunicorn automatically uses the preferred reloader (inotify
if present with fallback to polling). However, it would be useful in
some scenarios if users could force polling.
The solution for this is to add a new configuration option called
'reload_engine' which takes one of three options: ['auto', 'poll',
'inotify'].
Fixes#1459
Track the use of systemd socket activation and gunicorn socket inheritance
in the arbiter. Unify the logic of creating gunicorn sockets from each of
these sources to always use the socket name to determine the type rather
than checking the configured addresses. The configured addresses are only
used when there is no inheritance from systemd or a parent arbiter.
Fix#1298
This is similar to worker_exit() in that it is called just after a
worker has terminated, but it's called in the Gunicorn *master* process,
not the *child* process.
Numbers must be separated by dot. This makes life
a little bit harder for attackers who would like to inject specially crafted packets after GET / (e.g. in nginx there are sometimes regular expressions like (?P<action>[^.]).html
`socket.fromfd` does not close the original file descriptor, so we have to explicitly close it to avoid a leak.
See also:
http://bugs.python.org/issue10099
This changes improve the binary upgrade behaviour using USR2:
- only one binary upgrade can happen at a time: the old arbiter needs to be
killed to promote the new arbiter.
- if a new arbiter is already spawned, until one is killed USR2 has no action
- if a new arbiter has been spawned, the unix socket won't be unlinked
- until the old arbiter have been killed the newly created pidfile has the name
<pidfile>.2 and the name Master.2 .
Note: there is no dialog between both arbiters to handle this features.
Instead they will supervise each others until one is killed. So isolation is
still guaranted.
fix#1267
This change add proper file locking to gunicorn. By default "gunicorn.lock" is created in the temporary directory when a unix socket is bound. In case someone want to fix the lock file path or use multiple gunicorn instance the "--lock-file" setting can be used to set the path of this file.
fix#1259
