Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for graceful shutdown of OPA server #1291

Closed
urvil38 opened this issue Mar 27, 2019 · 3 comments
Closed

Add support for graceful shutdown of OPA server #1291

urvil38 opened this issue Mar 27, 2019 · 3 comments
Assignees
@patrick-east

Comments

@urvil38
Copy link

urvil38 commented Mar 27, 2019
edited
Loading

OPA should wait for active connection to gracefully handled and then shutdown.

signalChannel := make(chan os.Signal, 1)
signal.Notify(signalChannel, os.Interrupt,syscall.SIGTERM)

var wait time.Duration

<-signalChannel
log.Println("Recevied SIGINT signal")
log.Println("shutting down server")

ctx, cancel := context.WithTimeout(context.Background(), wait)
defer cancel()

err := server.Shutdown(ctx)
@tsandall
Copy link
Member

tsandall commented Apr 8, 2019

We've had users request better support for graceful shutdown of the OPA server deployed in the Kubernetes admission control use case. What I think we would be good is to extend OPA with a command line flag that lets users set the graceful shutdown period, e.g., opa run --server --graceful-shutdown-period=30s. When a SIGTERM is received, OPA should wait for the shutdown period before exiting. @patrick-east can you take a look at this?

@patrick-east
Copy link
Contributor

Can do. One clarification, we want to let active connections finish and stop accepting new ones? Or allow new ones in the grace period too?

@tsandall
Copy link
Member

tsandall commented Apr 8, 2019

I think it's OK to accept new connections during the shutdown period for now. In k8s, the endpoint will get removed, so the OPA should stop receiving new requests. We can revisit in the future as needed.

patrick-east added a commit to patrick-east/opa that referenced this issue Apr 9, 2019
@patrick-east
Add support for graceful shutdown of OPA server
63f4420 
There is a new CLI option to configure the grace period:

`--shutdown-grace-period`

The option defaults to 10 seconds.

When a SIGINT or SIGTERM is sent the runtime will catch them and
attempt to gracefully shutdown the http servers. If the timeout is reached
it will log an error and continue with exiting (in a less graceful way).

Unit testing is a little bit light on this. Its touching some parts of the
code that aren't super easy to mock out. We can probably refactor
things in the future to make it easier.

Fixes: open-policy-agent#1291
Signed-off-by: Patrick East <east.patrick@gmail.com>
@patrick-east patrick-east mentioned this issue Apr 9, 2019
Merged
tsandall pushed a commit that referenced this issue Apr 10, 2019
@patrick-east @tsandall
Add support for graceful shutdown of OPA server
b96f8c3 
There is a new CLI option to configure the grace period:

`--shutdown-grace-period`

The option defaults to 10 seconds.

When a SIGINT or SIGTERM is sent the runtime will catch them and
attempt to gracefully shutdown the http servers. If the timeout is reached
it will log an error and continue with exiting (in a less graceful way).

Unit testing is a little bit light on this. Its touching some parts of the
code that aren't super easy to mock out. We can probably refactor
things in the future to make it easier.

Fixes: #1291
Signed-off-by: Patrick East <east.patrick@gmail.com>
@snyk-bot snyk-bot mentioned this issue Feb 4, 2022
Open
@snyk-bot snyk-bot mentioned this issue Feb 8, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@patrick-east patrick-east

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tsandall @patrick-east @urvil38