diff options
| author | Brad Fitzpatrick <bradfitz@tailscale.com> | 2020-04-04 08:20:54 -0700 |
|---|---|---|
| committer | Brad Fitzpatrick <brad@danga.com> | 2020-04-04 14:46:41 -0700 |
| commit | 3b4b17d23980c23ce46cd94deaacfbd4f9d4446f (patch) | |
| tree | 1f436f4396e05dfa7d866f296ed65d2f76cfef4b | |
| parent | 5d995d9d6b66a2b87cd71e6c389c5be8ad390704 (diff) | |
| download | tailscale-3b4b17d23980c23ce46cd94deaacfbd4f9d4446f.tar.xz tailscale-3b4b17d23980c23ce46cd94deaacfbd4f9d4446f.zip | |
logpolicy: log on dials, add knob to force HTTP/1 for log uploads
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
| -rw-r--r-- | logpolicy/logpolicy.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/logpolicy/logpolicy.go b/logpolicy/logpolicy.go index 53c75667c..afb55f7e8 100644 --- a/logpolicy/logpolicy.go +++ b/logpolicy/logpolicy.go @@ -10,13 +10,18 @@ package logpolicy import ( "bytes" "context" + "crypto/tls" "encoding/json" "fmt" "io/ioutil" "log" + "net" + "net/http" "os" "path/filepath" "runtime" + "strconv" + "time" "github.com/klauspost/compress/zstd" "golang.org/x/crypto/ssh/terminal" @@ -182,6 +187,7 @@ func New(collection string) *Policy { } return w }, + HTTPC: &http.Client{Transport: newLogtailTransport()}, } filchBuf, filchErr := filch.New(filepath.Join(dir, version.CmdName()), filch.Options{}) @@ -220,3 +226,48 @@ func (p *Policy) Shutdown(ctx context.Context) error { } return nil } + +// newLogtailTransport returns the HTTP Transport we use for uploading logs. +func newLogtailTransport() *http.Transport { + // Start with a copy of http.DefaultTransport and tweak it a bit. + tr := http.DefaultTransport.(*http.Transport).Clone() + + // We do our own zstd compression on uploads, and responses never contain any payload, + // so don't send "Accept-Encoding: gzip" to save a few bytes on the wire, since there + // will never be any body to decompress: + tr.DisableCompression = true + + // Log whenever we dial: + tr.DialContext = func(ctx context.Context, netw, addr string) (net.Conn, error) { + nd := &net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + DualStack: true, + } + t0 := time.Now() + c, err := nd.DialContext(ctx, netw, addr) + d := time.Since(t0).Round(time.Millisecond) + if err != nil { + log.Printf("logtail: dial %q failed: %v (in %v)", addr, err, d) + } else { + log.Printf("logtail: dialed %q in %v", addr, d) + } + return c, err + } + + // We're contacting exactly 1 hostname, so the default's 100 + // max idle conns is very high for our needs. Even 2 is + // probably double what we need: + tr.MaxIdleConns = 2 + + // Provide knob to force HTTP/1 for log uploads. + // TODO(bradfitz): remove this debug knob once we've decided + // to upload via HTTP/1 or HTTP/2 (probably HTTP/1). Or we might just enforce + // it server-side. + if h1, _ := strconv.ParseBool(os.Getenv("TS_DEBUG_FORCE_H1_LOGS")); h1 { + tr.TLSClientConfig = nil // DefaultTransport's was already initialized w/ h2 + tr.ForceAttemptHTTP2 = false + tr.TLSNextProto = map[string]func(authority string, c *tls.Conn) http.RoundTripper{} + } + return tr +} |